urlscan.io logo urlscan.io
SecurityTrails logo

folkd.com Open in urlscan Pro
76.76.21.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.folkd.com/submit/movecasino.net/games-casino-online//
Effective URL: https://folkd.com/
Submission: On October 25 via manual from AU — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 18 countries across 102 domains to perform 790 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on August 25th 2023. Valid for: 3 months.
This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 12 76.76.21.21 16509 (AMAZON-02)
6 104.16.203.66 13335 (CLOUDFLAR...)
3 104.17.25.14 13335 (CLOUDFLAR...)
114 104.16.89.20 13335 (CLOUDFLAR...)
4 185.3.92.76 63949 (AKAMAI-LI...)
1 172.217.18.8 15169 (GOOGLE)
3 99.86.4.9 16509 (AMAZON-02)
2 142.250.185.170 15169 (GOOGLE)
15 172.217.16.132 15169 (GOOGLE)
10 172.217.18.3 15169 (GOOGLE)
2 13.107.213.44 8075 (MICROSOFT...)
3 11 35.193.186.65 396982 (GOOGLE-CL...)
3 104.16.137.79 13335 (CLOUDFLAR...)
3 54.187.159.182 16509 (AMAZON-02)
6 172.217.16.131 15169 (GOOGLE)
2 216.239.34.36 15169 (GOOGLE)
2 104.18.43.90 13335 (CLOUDFLAR...)
18 142.250.186.66 15169 (GOOGLE)
2 99.86.4.50 16509 (AMAZON-02)
5 23.96.124.68 8075 (MICROSOFT...)
14 35.186.236.140 15169 (GOOGLE)
1 44.241.50.239 16509 (AMAZON-02)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 178.250.1.3 44788 (ASN-CRITE...)
1 65.9.66.68 16509 (AMAZON-02)
1 18.66.127.127 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
13 142.250.185.129 15169 (GOOGLE)
1 34.120.107.143 396982 (GOOGLE-CL...)
1 35.190.39.111 15169 (GOOGLE)
1 63.35.103.141 16509 (AMAZON-02)
3 23.32.185.60 16625 (AKAMAI-AS)
60 172.217.16.193 15169 (GOOGLE)
67 142.250.186.162 15169 (GOOGLE)
2 141.95.33.111 16276 (OVH)
2 178.250.1.11 44788 (ASN-CRITE...)
1 4 34.98.64.218 396982 (GOOGLE-CL...)
3 142.250.185.251 15169 (GOOGLE)
2 103.124.95.152 131353 (NHANHOA-A...)
1 92.204.221.13 21499 (GODADDY-SXB)
1 23.227.60.200 13335 (CLOUDFLAR...)
1 172.96.191.154 59253 (LEASEWEB-...)
1 91.205.230.81 203020 (HOSTROYALE)
1 35.214.83.179 15169 (GOOGLE)
1 46.252.152.44 60087 (ASSUPERNOVA)
5 5 37.157.6.243 198622 (ADFORM)
1 2 52.95.126.160 16509 (AMAZON-02)
5 3.33.220.150 16509 (AMAZON-02)
8 74 142.250.74.194 15169 (GOOGLE)
1 213.227.153.224 60781 (LEASEWEB-...)
33 18.245.60.65 16509 (AMAZON-02)
1 47 52.19.192.213 16509 (AMAZON-02)
11 16.16.243.247 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
3 3 35.190.0.66 15169 (GOOGLE)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 2 213.155.156.169 1299 (TWELVE99 ...)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 4 2.16.97.41 16625 (AKAMAI-AS)
1 1 35.214.134.79 15169 (GOOGLE)
11 18.66.122.57 16509 (AMAZON-02)
98 3.91.171.144 14618 (AMAZON-AES)
3 3 3.210.170.5 14618 (AMAZON-AES)
8 8 64.202.112.95 22075 (AS-OUTBRAIN)
6 6 54.77.169.39 16509 (AMAZON-02)
4 6 213.180.193.90 13238 (YANDEX)
3 3 188.42.105.220 7979 (SERVERS-COM)
23 172.217.18.6 15169 (GOOGLE)
1 1 151.101.194.49 54113 (FASTLY)
2 2 31.220.27.135 39572 (ADVANCEDH...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
3 3 82.145.213.8 39832 (NO-OPERA)
1 1 2.16.238.13 20940 (AKAMAI-ASN1)
2 4 104.18.25.173 13335 (CLOUDFLAR...)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 13.32.27.65 16509 (AMAZON-02)
1 69.20.43.192 27357 (RACKSPACE)
2 2 37.252.172.123 29990 (ASN-APPNEX)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.227.252.103 15169 (GOOGLE)
2 2 76.223.111.18 16509 (AMAZON-02)
2 2 124.146.153.170 2514 (INFOSPHER...)
4 4 63.215.202.137 41041 (VCLK-EU-SE)
3 3 178.250.1.9 44788 (ASN-CRITE...)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
2 174.137.133.49 27257 (WEBAIR-IN...)
3 3 104.18.27.193 13335 (CLOUDFLAR...)
1 2 51.89.9.253 16276 (OVH)
7 7 3.71.157.32 16509 (AMAZON-02)
1 18.193.218.77 16509 (AMAZON-02)
2 91.228.74.208 16509 (AMAZON-02)
2 2 3.121.249.83 16509 (AMAZON-02)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 2 3.120.0.219 16509 (AMAZON-02)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
1 1 204.236.233.227 14618 (AMAZON-AES)
10 142.250.186.34 15169 (GOOGLE)
1 11 18.245.60.76 16509 (AMAZON-02)
18 54.217.32.83 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
790 70
12    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
www.folkd.com
folkd.com
6    104.16.203.66 (None, )

ASN13335 (CLOUDFLARENET, US)
folkd0612.bubbleapps.io
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
114    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    185.3.92.76 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-185-3-92-76.tc.nodebalancer.linode.com
monu.delivery
1    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f8.1e100.net
www.googletagmanager.com
3    99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net
js.stripe.com
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
15    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f132.1e100.net
www.google.com
10    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
fonts.gstatic.com
2    13.107.213.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
11    35.193.186.65 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.186.193.35.bc.googleusercontent.com
xeqe-t3lw-i7hv.n7.xano.io
3    104.16.137.79 (None, )

ASN13335 (CLOUDFLARENET, US)
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
meta.cdn.bubble.io
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
6    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
www.gstatic.com
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
18    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
2    99.86.4.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-50.fra6.r.cloudfront.net
m.stripe.network
5    23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.clarity.ms
14    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    44.241.50.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-50-239.us-west-2.compute.amazonaws.com
m.stripe.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
13    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
1    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    63.35.103.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-103-141.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com
widgets.outbrain.com
60    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
tpc.googlesyndication.com
67    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googletagservices.com
pagead2.googlesyndication.com
2    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
3    142.250.185.251 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f27.1e100.net
storage.googleapis.com
2    103.124.95.152 (Hanoi, Viet Nam)

ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN)
PTR: ttr01.nhanhoa.com
benhvienhiemmuonsaigon.vn
1    92.204.221.13 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: 13.221.204.92.host.secureserver.net
coinwatchdaily.com
1    23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com
cdn.shopify.com
1    172.96.191.154 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.154-static.reverse.arandomserver.com
arafuru.com
1    91.205.230.81 (Lisbon, Portugal)

ASN203020 (HOSTROYALE, IN)
www.jeebr.net
1    35.214.83.179 (London, United Kingdom)

ASN15169 (GOOGLE, US)
PTR: 179.83.214.35.bc.googleusercontent.com
www.telljane.co.uk
1    46.252.152.44 (Italy)

ASN60087 (ASSUPERNOVA, IT)
PTR: hostingssd40-44.netsons.net
www.transdairy.net
5    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
74    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    213.227.153.224 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1t-eudc1.zemanta.com
33    18.245.60.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-65.fra60.r.cloudfront.net
static.yieldmo.com
47    52.19.192.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
11    16.16.243.247 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
2    85.114.159.93 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
4    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
1    35.214.134.79 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 79.134.214.35.bc.googleusercontent.com
csync.loopme.me
11    18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net
matchadsrvr.yieldmo.com
98    3.91.171.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-144.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
3    3.210.170.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-170-5.compute-1.amazonaws.com
fksnk.com
8    64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
6    54.77.169.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-169-39.eu-west-1.compute.amazonaws.com
match.360yield.com
6    213.180.193.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
3    188.42.105.220 (Luxembourg)

ASN7979 (SERVERS-COM, US)
sync.gonet-ads.com
23    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
s0.2mdn.net
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2.16.238.13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-13.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
4    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net
s.ad.smaato.net
1    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    124.146.153.170 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
4    63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com
dclk-match.dotomi.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
7    3.71.157.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    18.193.218.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-218-77.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    3.121.249.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-249-83.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    3.120.0.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-0-219.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    204.236.233.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-204-236-233-227.compute-1.amazonaws.com
google.partners.tremorhub.com
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
11    18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net
sb.scorecardresearch.com
18    54.217.32.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
s.update.tas.yieldmo.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
Apex Domain
Subdomains		 Transfer
128 googlesyndication.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
723 KB
114 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
78 KB
109 yieldmo.com
static.yieldmo.com — Cisco Umbrella Rank: 2885
ads.yieldmo.com — Cisco Umbrella Rank: 752
matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 3270
s.update.tas.yieldmo.com — Cisco Umbrella Rank: 11705
2 MB
102 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
448 KB
98 amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1281
27 KB
23 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
8 MB
18 monu.delivery
monu.delivery — Cisco Umbrella Rank: 27984
imps.monu.delivery — Cisco Umbrella Rank: 33856
170 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
889 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 2
37 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
707 KB
12 folkd.com
www.folkd.com
folkd.com
16 KB
11 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
4 KB
11 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1651
3 KB
11 xano.io
xeqe-t3lw-i7hv.n7.xano.io
20 KB
9 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20426
b1sync.zemanta.com — Cisco Umbrella Rank: 637
5 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 998
s.clarity.ms — Cisco Umbrella Rank: 8054
c.clarity.ms — Cisco Umbrella Rank: 1548
23 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
4 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1487
q.stripe.com — Cisco Umbrella Rank: 8805
m.stripe.com — Cisco Umbrella Rank: 1382
140 KB
6 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5362
1 KB
6 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
2 KB
6 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906 Failed
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
eu-u.openx.net — Cisco Umbrella Rank: 2959
us-u.openx.net — Cisco Umbrella Rank: 547
rtb.openx.net — Cisco Umbrella Rank: 912
u.openx.net Failed
2 KB
6 bubbleapps.io
folkd0612.bubbleapps.io
1 MB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
741 B
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
3 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
dis.criteo.com — Cisco Umbrella Rank: 648
8 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
storage.googleapis.com — Cisco Umbrella Rank: 439
139 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
yieldmo-match.dotomi.com Failed
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
1 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
2 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 967
1 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
2 KB
3 gonet-ads.com
sync.gonet-ads.com — Cisco Umbrella Rank: 23313
1 KB
3 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5702
2 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
924 B
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2100
14 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
32 KB
3 bubble.io
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
meta.cdn.bubble.io — Cisco Umbrella Rank: 226605
187 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
30 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
569 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
2 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5274
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
928 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
807 B
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 8350
466 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1247
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
958 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 542
ib.adnxs.com Failed
2 KB
2 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 6396
578 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
645 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
1 KB
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
2 KB
2 benhvienhiemmuonsaigon.vn
benhvienhiemmuonsaigon.vn
187 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
13 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1603
18 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1591
168 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
304 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 257
760 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 16611
631 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 14303
520 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
35 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
611 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
712 B
1 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2818
521 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
448 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
pixel-eu.rubiconproject.com Failed
456 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2907
1015 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3681
1 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
539 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
413 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1484
712 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
549 B
1 transdairy.net
www.transdairy.net
3 KB
1 telljane.co.uk
www.telljane.co.uk
2 KB
1 jeebr.net
www.jeebr.net
49 KB
1 arafuru.com
arafuru.com
628 B
1 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2460
12 KB
1 coinwatchdaily.com
coinwatchdaily.com
48 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6069
474 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
79 KB
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 iqzone.com Failed
xsync.iqzone.com Failed
0 agkn.com Failed
aa.agkn.com Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 media.net Failed
contextual.media.net Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 adentifi.com Failed
rtb.adentifi.com Failed
0 bttrack.com Failed
bttrack.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 yahoo.com Failed
ups.analytics.yahoo.com Failed
0 1rx.io Failed
sync.1rx.io — Cisco Umbrella Rank: 649 Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
790 102
Domain Requested by
114 cdn.jsdelivr.net folkd.com
folkd0612.bubbleapps.io
securepubads.g.doubleclick.net
98 kinesis.us-east-1.amazonaws.com static.yieldmo.com
74 cm.g.doubleclick.net 8 redirects google-bidout-d.openx.net
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
ads.yieldmo.com
60 tpc.googlesyndication.com folkd.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
55 pagead2.googlesyndication.com 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
folkd.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
47 ads.yieldmo.com 1 redirects 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
folkd.com
static.yieldmo.com
33 static.yieldmo.com folkd.com
static.yieldmo.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
23 s0.2mdn.net 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
folkd.com
18 s.update.tas.yieldmo.com folkd.com
s.update.tas.yieldmo.com
18 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
folkd.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
15 www.google.com folkd0612.bubbleapps.io
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
14 imps.monu.delivery folkd.com
13 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
12 www.googletagservices.com folkd.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
11 sb.scorecardresearch.com 1 redirects 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
11 matchadsrvr.yieldmo.com static.yieldmo.com
11 protected-by.clarium.io 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
11 xeqe-t3lw-i7hv.n7.xano.io 3 redirects cdn.jsdelivr.net
11 folkd.com 2 redirects folkd.com
folkd0612.bubbleapps.io
10 googleads.g.doubleclick.net folkd.com
10 fonts.gstatic.com fonts.googleapis.com
www.google.com
8 b1sync.zemanta.com 8 redirects ads.yieldmo.com
7 x.bidswitch.net 7 redirects ads.yieldmo.com
6 an.yandex.ru 4 redirects 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
6 match.360yield.com 6 redirects
6 www.gstatic.com www.google.com
www.gstatic.com
6 folkd0612.bubbleapps.io folkd.com
folkd0612.bubbleapps.io
5 match.adsrvr.org google-bidout-d.openx.net
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
ads.yieldmo.com
5 c1.adform.net 5 redirects ads.yieldmo.com
5 s.clarity.ms www.clarity.ms
4 dclk-match.dotomi.com 4 redirects
4 sync.teads.tv 2 redirects 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
4 monu.delivery folkd.com
monu.delivery
3 ssum-sec.casalemedia.com 3 redirects
3 image6.pubmatic.com 3 redirects
3 dis.criteo.com 3 redirects ads.yieldmo.com
3 t.adx.opera.com 3 redirects
3 sync.gonet-ads.com 3 redirects
3 fksnk.com 3 redirects
3 ads.travelaudience.com 3 redirects
3 storage.googleapis.com folkd.com
3 widgets.outbrain.com folkd.com
widgets.outbrain.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
3 q.stripe.com folkd.com
3 js.stripe.com folkd.com
js.stripe.com
3 cdnjs.cloudflare.com folkd.com
2 c.clarity.ms 1 redirects
2 tr.blismedia.com 1 redirects 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 cms.quantserve.com 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
2 onetag-sys.com 1 redirects 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
2 dsp.adkernel.com 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
2 tg.socdm.com 2 redirects
2 eb2.3lift.com 2 redirects
2 secure.adnxs.com 2 redirects
2 s.tribalfusion.com 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
2 a.tribalfusion.com 2 redirects
2 s.uuidksinc.net 2 redirects
2 d5p.de17a.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
ads.yieldmo.com
2 benhvienhiemmuonsaigon.vn folkd.com
2 google-bidout-d.openx.net 1 redirects oa.openxcdn.net
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 id5-sync.com cdn.id5-sync.com
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 region1.google-analytics.com www.googletagmanager.com
2 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io folkd.com
2 www.clarity.ms folkd.com
www.clarity.ms
2 fonts.googleapis.com folkd0612.bubbleapps.io
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
1 c.bing.com 1 redirects
1 meta.cdn.bubble.io folkd0612.bubbleapps.io
1 google.partners.tremorhub.com 1 redirects
1 im.bluevoox.com 1 redirects
1 match.sharethrough.com 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
1 rtb.openx.net 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 cs.lkqd.net 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 a.rfihub.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 csync.loopme.me 1 redirects ads.yieldmo.com
1 sync.inmobi.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 b1t-eudc1.zemanta.com 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
1 us-u.openx.net google-bidout-d.openx.net
1 eu-u.openx.net google-bidout-d.openx.net
1 www.transdairy.net folkd.com
1 www.telljane.co.uk folkd.com
1 www.jeebr.net folkd.com
1 arafuru.com folkd.com
1 cdn.shopify.com folkd.com
1 coinwatchdaily.com folkd.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 esp.rtbhouse.com folkd.com
1 oajs.openx.net folkd.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 m.stripe.com m.stripe.network
1 www.googletagmanager.com folkd.com
1 www.folkd.com 1 redirects
0 cs.admanmedia.com Failed ads.yieldmo.com
0 match.prod.bidr.io Failed ads.yieldmo.com
0 xsync.iqzone.com Failed ads.yieldmo.com
0 aa.agkn.com Failed ads.yieldmo.com
0 idsync.rlcdn.com Failed ads.yieldmo.com
0 rtb.mfadsrvr.com Failed ads.yieldmo.com
0 ssbsync.smartadserver.com Failed ads.yieldmo.com
0 contextual.media.net Failed ads.yieldmo.com
0 stags.bluekai.com Failed ads.yieldmo.com
0 u.openx.net Failed ads.yieldmo.com
0 yieldmo-match.dotomi.com Failed ads.yieldmo.com
0 sync.srv.stackadapt.com Failed ads.yieldmo.com
0 rtb.adentifi.com Failed ads.yieldmo.com
0 bttrack.com Failed ads.yieldmo.com
0 bh.contextweb.com Failed ads.yieldmo.com
0 pixel-eu.rubiconproject.com Failed ads.yieldmo.com
0 pixel.tapad.com Failed ads.yieldmo.com
0 ups.analytics.yahoo.com Failed ads.yieldmo.com
0 ib.adnxs.com Failed ads.yieldmo.com
0 sync.1rx.io Failed ads.yieldmo.com
0 cs.chocolateplatform.com Failed 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
0 sync-dmp.aura-dsp.com Failed 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
790 131
Subject Issuer Validity Valid
folkd.com
R3		 2023-08-25 -
2023-11-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.n7.xano.io
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
bubble.io
Cloudflare Inc ECC CA-3		 2022-12-17 -
2023-12-16		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-09-10 -
2023-12-09		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
benhvienhiemmuonsaigon.vn
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
coinwatchdaily.com
Go Daddy Secure Certificate Authority - G2		 2023-06-13 -
2024-06-13		 a year crt.sh
cdn.shopify.com
E1		 2023-09-10 -
2023-12-09		 3 months crt.sh
tokotanaman.com
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
jeebr.net
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
telljane.co.uk
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
transdairy.net
cPanel, Inc. Certification Authority		 2023-08-28 -
2023-11-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
static.yieldmo.com
Amazon RSA 2048 M02		 2023-05-21 -
2024-06-18		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
kinesis.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
post.update.tas.yieldmo.com
R3		 2023-10-01 -
2023-12-30		 3 months crt.sh

This page contains 70 frames:

Primary Page: https://folkd.com/
Frame ID: 26D520084A9FB6724463CB94EFE6B510
Requests: 222 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 13C8B740797CC80125906F8978DFCF0A
Requests: 4 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 608DB2C989E5F634C2BFF6C3E26A38D5
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FBAA846EED75ECE8C804FACC13A4C3AB
Requests: 4 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A18C0C57EF0B8F9FD9F0F2966EB5F021
Requests: 1 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F288D594BF1D8B56AD4987D9074BC56
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: AC03D4FA7672DF583C097F31957D2394
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: D53A5419DD552EDFD3558B83B938F4C6
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: BB4A34F20B00EBE1F1696153E1AD1DD7
Requests: 6 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 79E1DBE637FD6200D10E05D5EBADBFF1
Requests: 27 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B73429C91636FF74A9D492C90B8DFD0
Requests: 22 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AFA46E1539F3581BC465F4E3400E797C
Requests: 22 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ECD51CFEB43C10DDD90F5FF8FC6C9E0B
Requests: 21 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4BA114FFF9A83B4318387C13FBDC9C1D
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88EEA4FDC1FF822C3AD80CF229240A58
Requests: 9 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DF274876E7E8413184872F2E23CF32D
Requests: 22 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B86F32EEBD6375835754FCA145C1D584
Requests: 22 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B30E60133831245B64AB8488D21563BA
Requests: 22 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04C91D6E2755B1679A05A92A0241F117
Requests: 22 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 219605DD4D2CFD7FBAF78A4E0628E6E4
Requests: 23 HTTP requests in this frame

Frame: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB6B4E428EA14847154C2C7E365C6BB6
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 46D0F5CCA265406E11FB5761DAFC807C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDABABE1C1C12BFCBA115A040BCCCCEB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CEBC937CA06171F64411ADA11EA990F8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B668455175310B69021B9437657099F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16265FB105532BD08FC32A5A643D8837
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BE4523379958C9C7DD794E1F629A378
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56615E0EC256BA5E78DB56C5732C2CD4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D95D1E5365794B49681BE8047EB2936
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6270E310B005479BF3506D2F8CF775D6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E83480A6F92A23527D44A20238103BA
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 46D7608A1F96EFEB8F2F92D8C2F9A0EF
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 52A41CCFEDBB92B150AFDE84547AA0BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 30CFAE2AC20ABB853332846C5C10FB4F
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 74B166EECC11550AA844ACFFA6EEE03F
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 4DF8E6B5B3CB3F50C0B9E4E59EEFD27A
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: D3B9FE5459BE30415AD79FF2F699CEF0
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: C2DE7EA0D4C580CEBEA80A47C9F1D10E
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: DF239055F7E5E4239D6D03BBB2D3BE7D
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 520821CBC9761613CB58D9BB2F278A6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 97E7E2DA490355B130F78AA9C61A7247
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: AEEE8CD3F88CB43A2A6630B7A0866ED8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 8A9DD51785BA59E75ED8BDDA62876F77
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: F8A4C47CD3A548CC50C854FADED4713B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 3CA5F4370E01ED67DD272337460918E4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: A47ADD09DB14D5ABA309FFBB7C8954C9
Requests: 5 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064443794120&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064443794120&bt=programmatic&gt=ch
Frame ID: A219031F2C194578CEAEA4380C24C9B4
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 16CA1CFD8925B478F1495274544B566E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: D89091FC4143221FC61003A0DAD72F3D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: B4967A5EB820659316EC226A39FCD01A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 61D08619056ED5CE73D163597FA5D37E
Requests: 5 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064309576353&pv=94ad508b-1209-47c5-a0bb-e1a453030789&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064309576353&bt=programmatic&gt=ch
Frame ID: B74CA7ACCFD315ED73A0081566792819
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 48A1A6B8DD41E577D075CFC31D68AAC2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 63B0F28E91039A561B7E57CD020591DB
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
Frame ID: 9EB9CA4219A6AB6D5BE8804D0148D04D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A30CA347B02DD6E31C0F9A73D0A958A8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E9F974622F12835127D2BBB1DAF4E4F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E5C50171D5FE48D6B87FB8055A9331D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEAABBC5DA4531096BA35D3EA20CDE6F
Requests: 2 HTTP requests in this frame

Frame: blob://https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/4fd69777-4ada-48e9-aab3-c80d5e98fc9f
Frame ID: AD206110C5F6152543F9588B7948E659
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0A6B5BB08A816682A379E15FBE0B8B8
Requests: 2 HTTP requests in this frame

Frame: blob://https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/59a74ff1-197a-4b2b-82f1-8813b9f6592a
Frame ID: 62B71D868CBE6F332923C61E1E7C081B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBD722336785C553BB3D30A504E701B5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A3BE6EDAB952A25B232DB3A4CF29001
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CAA4977FB26F14E1CFC9C4BFB274B17
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Frame ID: 7EFF49F3CBCE97AA9A66C7C46F038989
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A597001D78B7A78DF27A7AF727C765D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2F26D38D9856FB9037FF89F0AB7DAD6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3980AA01C8CB1F93AE70E8B2A288DDDF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5C20DD822BBD6CCA45EE92B6F4539F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Folkd | Home

Page URL History Show full URLs

  1. https://www.folkd.com/submit/movecasino.net/games-casino-online// HTTP 307
    https://folkd.com/submit/movecasino.net/games-casino-online// HTTP 308
    https://folkd.com/submit/movecasino.net/games-casino-online/ HTTP 301
    https://folkd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

790
Requests

86 %
HTTPS

0 %
IPv6

102
Domains

131
Subdomains

70
IPs

18
Countries

15966 kB
Transfer

34383 kB
Size

100
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.folkd.com/submit/movecasino.net/games-casino-online// HTTP 307
    https://folkd.com/submit/movecasino.net/games-casino-online// HTTP 308
    https://folkd.com/submit/movecasino.net/games-casino-online/ HTTP 301
    https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
  • https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Request Chain 131
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../Logo+B%E1%BB%87nh+vi%E1%BB%87n+H%E1%BB%97+tr%E1%BB%A3+Sinh+S%E1%BA%A3n+v%C3%A0+Nam+h%E1%BB%8Dc+S%C3%A0i+G%C3%B2n.jpg HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../Logo%20B%E1%BB%87nh%20vi%E1%BB%87n%20H%E1%BB%97%20tr%E1%BB%A3%20Sinh%20S%E1%BA%A3n%20v%C3%A0%20Nam%20h%E1%BB%8Dc%20S%C3%A0i%20G%C3%B2n.jpg
Request Chain 135
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../logo+Coinwatchdaily-02.png HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../logo%20Coinwatchdaily-02.png
Request Chain 145
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../169193661-home-broadband.jpg HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../169193661-home-broadband.jpg
Request Chain 231
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8508965629740719938
Request Chain 232
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fa062ab8-a65d-864f-9a81-b2a48d6df7d3 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fa062ab8-a65d-864f-9a81-b2a48d6df7d3&dcc=t
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH0gbkwdJqDo6Vusr5daRi0&google_cver=1
Request Chain 351
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELinqjiMucWKJM2-sC_bkZI&google_cver=1&google_push=AXcoOmQnN1DtS3l9A-rk6QZKtSFdhg7IpepoqFv7NsA0bX3Cu7lSNoUjJhHEha4gMR2YGKCyRn_ukV_8l6bLHcttHSonrfIWMLwB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzNzUwMDMwNg%3D%3D&google_push=AXcoOmQnN1DtS3l9A-rk6QZKtSFdhg7IpepoqFv7NsA0bX3Cu7lSNoUjJhHEha4gMR2YGKCyRn_ukV_8l6bLHcttHSonrfIWMLwB
Request Chain 352
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMRxIbiLGVhQkHMd-SRUQQ&google_cver=1&google_push=AXcoOmRPKruOhm8OuH9XXG5uClPH9pamirqaMP_k-o6jJxhBBK1PuRnAHik_y_Lz-XUolExRLdbqxghyrVecwr5mRIpnKNxJ2gkp HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRPKruOhm8OuH9XXG5uClPH9pamirqaMP_k-o6jJxhBBK1PuRnAHik_y_Lz-XUolExRLdbqxghyrVecwr5mRIpnKNxJ2gkp
Request Chain 353
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJb_DYhwbu-f5Q2JYVx-hyA&google_cver=1&google_push=AXcoOmQMmpSCFzzHvrtNBye-debwIh0c8bT3QCAK7KkSOSkKmi5YRLH4nX3wXD8Or_odqashaU-BxMEwR1J43RTg2owaX6hleSs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQMmpSCFzzHvrtNBye-debwIh0c8bT3QCAK7KkSOSkKmi5YRLH4nX3wXD8Or_odqashaU-BxMEwR1J43RTg2owaX6hleSs
Request Chain 354
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECatlkWXvj3Nh32PbthLJho&google_cver=1&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWxHiVA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECatlkWXvj3Nh32PbthLJho&google_cver=1&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWxHiVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWxHiVA
Request Chain 355
  • https://sync.inmobi.com/gob?google_gid=CAESEPILYLi7s6XYpBp-eoRRgVs&google_cver=1&google_push=AXcoOmSH2Gs-u8uH6G9jHMeAZKHVvHeSETymHaQPVMxjPWYN_hLBS6XkTD4rPlEXs91S4q2l86ymtqUneZRqrhviVpKfXGRCuV2LBA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSH2Gs-u8uH6G9jHMeAZKHVvHeSETymHaQPVMxjPWYN_hLBS6XkTD4rPlEXs91S4q2l86ymtqUneZRqrhviVpKfXGRCuV2LBA
Request Chain 356
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDfhCWqIOGr3KZKYn6A_eUQ&google_cver=1&google_push=AXcoOmRU40aExA4IMLpQRykuEuvYpDVquZzPEHJDmFByH1goRdfF50xW-WRoppuMsysL-PhhQSx2Ce7e6k2LY-G6jo_xoMkCHgTt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjM0MGJhOTctOWIzMi00M2RlLTk3OWUtYjE5NDM2ZGJlMDA4&google_push=AXcoOmRU40aExA4IMLpQRykuEuvYpDVquZzPEHJDmFByH1goRdfF50xW-WRoppuMsysL-PhhQSx2Ce7e6k2LY-G6jo_xoMkCHgTt HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 357
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEN4myh1okpQtegx1gCUsgAI&google_cver=1&google_push=AXcoOmRJqeGL7sHW8byFB5-9OMdMCM9Z6s5Y4vOnbWlVFbAQvbeJkdmilpk70GQhCA8LKypkdaezBNcyzskyIB1g3iEPrtshns60 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b011d054-9189-4a11-8935-5c09b31893d8&google_cver=1&google_gid=CAESEN4myh1okpQtegx1gCUsgAI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRJqeGL7sHW8byFB5-9OMdMCM9Z6s5Y4vOnbWlVFbAQvbeJkdmilpk70GQhCA8LKypkdaezBNcyzskyIB1g3iEPrtshns60&gdpr=${GDPR}
Request Chain 366
  • https://fksnk.com/cs/google?google_gid=CAESEEwgvp23sZOFQpkMztGihIQ&google_cver=1&google_push=AXcoOmS3pSSXPzKKJqhjivFkwLclEHcJ1b87XYH28MyaVSNsiczvJGvabkF8RDuqSDq1CDp4vLdFmf-ly7pFOnHiR8b8zudSdb8H HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzIxRDhDNkY2MTQyMzJGNA==
Request Chain 367
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_cver=1&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0uknYwKr20IfnGZ4 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0uknYwKr20IfnGZ4&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0uknYwKr20IfnGZ4&google_hm=Y3o2MFlURzNCNTNiejVSMkk5X2E=
Request Chain 368
  • https://match.360yield.com/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi44qX-0HTnijQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi44qX-0HTnijQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi44qX-0HTnijQ
Request Chain 370
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?ext-param=AXcoOmTSe1Q0uooOYydNOeyfSZxvJFBJDBbw_LvUGO29f2ZzKW6ITcrrfkM6bXs8Wk8xah2EOs9d9YuJoWfYlOEDqL49Q0f2hACJ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?redir-setuniq=1&ext-param=AXcoOmTSe1Q0uooOYydNOeyfSZxvJFBJDBbw_LvUGO29f2ZzKW6ITcrrfkM6bXs8Wk8xah2EOs9d9YuJoWfYlOEDqL49Q0f2hACJ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKebHHQsc64MzgT-D95Etl8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 371
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEG2OBvi74xPz_i0kHgGAVJo&google_cver=1&google_push=AXcoOmQwT3Lte71sm-Aj2ah2OlM_9EhgdjXK-nHogOwh-XDHMOOQDFS4cAfxEfGssHpPaDqYJd4SX5ql2e9nOarPIwUXI74g9u4EEQ HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEG2OBvi74xPz_i0kHgGAVJo&google_cver=1&google_push=AXcoOmQwT3Lte71sm-Aj2ah2OlM_9EhgdjXK-nHogOwh-XDHMOOQDFS4cAfxEfGssHpPaDqYJd4SX5ql2e9nOarPIwUXI74g9u4EEQ&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDZmOTI1NDMzMjU2Yzg0NQ&google_push=AXcoOmQwT3Lte71sm-Aj2ah2OlM_9EhgdjXK-nHogOwh-XDHMOOQDFS4cAfxEfGssHpPaDqYJd4SX5ql2e9nOarPIwUXI74g9u4EEQ HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDZmOTI1NDMzMjU2Yzg0NQ&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 373
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF0fGwnFUNJaj0JL6gKkIos&google_cver=1&google_push=AXcoOmS5FJAxprdtmjkQqEnj1l5I4ofAo2NvzsXdelouhg2UxkdjGmhH3FlwtgsWoCrUsLCasYfZGi7vedzC6Qp6smPazrNIeZE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0fGwnFUNJaj0JL6gKkIos&google_push=AXcoOmS5FJAxprdtmjkQqEnj1l5I4ofAo2NvzsXdelouhg2UxkdjGmhH3FlwtgsWoCrUsLCasYfZGi7vedzC6Qp6smPazrNIeZE
Request Chain 375
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJTpS67DYAC4Mr1Rry17mVo&c_param1=AXcoOmTOnJiP0Jo0aVoZ7yGfsNEqu5AwKrfzONAY70jEQ2mzp8w4hIB-ha0h1SXULyB7S6dN27fGs959tp846g2_Sg_QB9m_zxG_&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTOnJiP0Jo0aVoZ7yGfsNEqu5AwKrfzONAY70jEQ2mzp8w4hIB-ha0h1SXULyB7S6dN27fGs959tp846g2_Sg_QB9m_zxG_
Request Chain 376
  • https://match.360yield.com/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCjSedsGiUI-9Q HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCjSedsGiUI-9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCjSedsGiUI-9Q
Request Chain 377
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIfy-679-XSr4KD0733guEY&google_cver=1&google_push=AXcoOmS_OScIX3pTvpjhnAfJFtQKfp8NOxCugbri72fAXDZhIbpf7LCJ4Dv8ur1j1jFLpLeliNMfo5awSJ8u0fTndGrsVW_UYT3f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS_OScIX3pTvpjhnAfJFtQKfp8NOxCugbri72fAXDZhIbpf7LCJ4Dv8ur1j1jFLpLeliNMfo5awSJ8u0fTndGrsVW_UYT3f&google_hm=MjAzNDQ3MzA5OTQzMjE2NDg1MA==
Request Chain 378
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRN2sXlJiMs64kMd0t-ulyGA0qUMMPHtp3nA1ey4DkZPrV1Pb9RSRFaufphk0OCgpPEZN-kvB-JlU3HD3MKYkIC_IHueLysZw&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVNDAxNmM2ODI4ZmQ4NDcxYWIzYjc0MDlmMjM3M2RkNGQ&google_nid=opera_norway_as&google_push=AXcoOmRN2sXlJiMs64kMd0t-ulyGA0qUMMPHtp3nA1ey4DkZPrV1Pb9RSRFaufphk0OCgpPEZN-kvB-JlU3HD3MKYkIC_IHueLysZw
Request Chain 379
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKqLav-IqFk_zT7M-Skr9vE&google_cver=1&google_push=AXcoOmR6S49fSQJHo4yG9nvuvE8IqHulhKcOchU4TXDImMkmQyha4FnMXuQibaB3zWXf-dOI3oLgRo-JSl90LLJ_aDaYq6zxiesmAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6S49fSQJHo4yG9nvuvE8IqHulhKcOchU4TXDImMkmQyha4FnMXuQibaB3zWXf-dOI3oLgRo-JSl90LLJ_aDaYq6zxiesmAA
Request Chain 381
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 382
  • https://fksnk.com/cs/google?google_gid=CAESEEwgvp23sZOFQpkMztGihIQ&google_cver=1&google_push=AXcoOmTgfPRxvf4I2wMbXuQ5W-ElKGCdZVQAbRqpzXOzKfZCUhjG4cZW0sSPsFWpMw4PzoHcG5XRoUgJ1nXdzx0HndWmlTGUlsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTNBMjREMzI0M0RCQzRFMA==
Request Chain 383
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELinqjiMucWKJM2-sC_bkZI&google_cver=1&google_push=AXcoOmS_582Q0NbZTCSxQ09w4xBpmGhLFXWpwPe7r5qPm7saW5FuIpq5PAuoUtgD5ZvnKn1pXX1UH1sCQi0v_WFtHkkuqUl8zg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzOTA3MzE3MA%3D%3D&google_push=AXcoOmS_582Q0NbZTCSxQ09w4xBpmGhLFXWpwPe7r5qPm7saW5FuIpq5PAuoUtgD5ZvnKn1pXX1UH1sCQi0v_WFtHkkuqUl8zg
Request Chain 384
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDdoYfRQU2ItSyGlzIpxf1s&google_cver=1&google_push=AXcoOmRMJYgjLEpWe1zc_AujorNe9Po80SSjcPgBXV52ICB7vPF58PlvpJtwykeRTwdRW74K8ytmqxLCsKyzDHyVjfS4gjVpYJY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81M0pURzktRy02Rlgw&google_push=AXcoOmRMJYgjLEpWe1zc_AujorNe9Po80SSjcPgBXV52ICB7vPF58PlvpJtwykeRTwdRW74K8ytmqxLCsKyzDHyVjfS4gjVpYJY
Request Chain 385
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHNrJNWklEsSGAM7GNo9oAQ&google_cver=1&google_push=AXcoOmRy4GFLJOZ6nkHUmCqaWt0dU0BgDn04o0yKoVJzGCm1gxKox7layLvot16q8SFoMtr8HMZdvqnkg6gyK02JnK2hXS4HzzY HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6bc6639e1e&gdpr=0&gdpr_consent=
Request Chain 386
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEHdAx0vpcedKF9Oh_XjnJbA&google_cver=1&google_push=AXcoOmQQnXKiZEFT-xwFydbq66DctiTKhhrVhsLTJnnm_DIYHCSJvrIfITQR3s7y_lZ7y5Om35pGJrh-0QrukzklinTJGbOAAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQQnXKiZEFT-xwFydbq66DctiTKhhrVhsLTJnnm_DIYHCSJvrIfITQR3s7y_lZ7y5Om35pGJrh-0QrukzklinTJGbOAAg&google_hm=M2V4M3N4eGZmTnhtdzRib2FrX0Q=
Request Chain 387
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAfadAzr6usJ_saY8NrNxcI&google_cver=1&google_push=AXcoOmQAGoYjhKKZPx5W-16_5HT1hKaV6aFXmCK8lWAZtCHRyeE5Brz8lJIJoibwz5f_RjnMwAYKij-2af41JPE1GAE8x4DiWJBV HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAfadAzr6usJ_saY8NrNxcI%26google_cver%3D1%26google_push%3DAXcoOmQAGoYjhKKZPx5W-16_5HT1hKaV6aFXmCK8lWAZtCHRyeE5Brz8lJIJoibwz5f_RjnMwAYKij-2af41JPE1GAE8x4DiWJBV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5Mjk2MzAzNDc4MDU5Njk5OA%3D%3D&google_gid=CAESEAfadAzr6usJ_saY8NrNxcI&google_cver=1&google_push=AXcoOmQAGoYjhKKZPx5W-16_5HT1hKaV6aFXmCK8lWAZtCHRyeE5Brz8lJIJoibwz5f_RjnMwAYKij-2af41JPE1GAE8x4DiWJBV
Request Chain 389
  • https://um.simpli.fi/gp_match?google_gid=CAESELfHS_8Tjy-8mOytF6-DEi8&google_cver=1&google_push=AXcoOmRDDJvmaZ1IcXQ4mkQ_nYI7TFFgwWpmIsijBoDP917Oy81YyZApFWjp04Pqm86OL6SXB63Bz0Jbkg4vC-ttBpEwhTd1iAul HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=410E59942BE04379971BBAF54A976A90&google_push=AXcoOmRDDJvmaZ1IcXQ4mkQ_nYI7TFFgwWpmIsijBoDP917Oy81YyZApFWjp04Pqm86OL6SXB63Bz0Jbkg4vC-ttBpEwhTd1iAul
Request Chain 391
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF6q_Ja_QBmPxZyasIl4ZBU&google_cver=1&google_push=AXcoOmQhwDFFFMKRceJNPbwxprkMBj_EQhZrTevXhnEfWdHMEN4d9guXL7_j0Na7p7zzsq4LKK5P2Fs17044DHLIUJ4JyTGM96xu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhwDFFFMKRceJNPbwxprkMBj_EQhZrTevXhnEfWdHMEN4d9guXL7_j0Na7p7zzsq4LKK5P2Fs17044DHLIUJ4JyTGM96xu&google_hm=69oMkVanRGKZmzB2JTbGGMg
Request Chain 392
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBirOhhdH4l6wd3ITlX8Xjo&google_cver=1&google_push=AXcoOmSYeCOTd6usLBcQkF1yRJWD6GuoplFzwM6zu03iPO3Q-6cWCALROAjEDxz0Pe6v8L7PqmMI3hQZNaQU47q3hqEgjG-6SaiV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSYeCOTd6usLBcQkF1yRJWD6GuoplFzwM6zu03iPO3Q-6cWCALROAjEDxz0Pe6v8L7PqmMI3hQZNaQU47q3hqEgjG-6SaiV&google_hm=fYbc-RNxhJu8-3yENkcGiQ==
Request Chain 393
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELMJLn7s3A5haWV-9bC2MUs&google_cver=1&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9R HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9R&google_gid=CAESELMJLn7s3A5haWV-9bC2MUs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MDAxMDQyNDEwMjMwNjM0NjExMw%3D%3D&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9R
Request Chain 394
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEE61yV3HPKtvnudnQKbAwaA&google_cver=1&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtYquYz3RJbjucHpiEEF2t1dAS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtYquYz3RJbjucHpiEEF2t1dAS&google_hm=WlRoejlNQ284WGdBQUxhWHpnQUFBQUFB
Request Chain 397
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmTtjd4VsaNvF34RV6AWHTlB2kOpJW1q0X2Lv0N6WEXuczKlZe5EIfPxgJoncSX20DReAH1Kj0hDdczEvXvlPvO1AeofTjLcTg HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ba6d0a67f821912&is_secure=true&networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmTtjd4VsaNvF34RV6AWHTlB2kOpJW1q0X2Lv0N6WEXuczKlZe5EIfPxgJoncSX20DReAH1Kj0hDdczEvXvlPvO1AeofTjLcTg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH9u2hKDys4AMFmAGZAAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_push=AXcoOmTtjd4VsaNvF34RV6AWHTlB2kOpJW1q0X2Lv0N6WEXuczKlZe5EIfPxgJoncSX20DReAH1Kj0hDdczEvXvlPvO1AeofTjLcTg
Request Chain 398
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ_r7IGsmHLLUelpIgN1TifxJXcZ4ildFWwjYXwxNmlW7AAn97E2bjIQVVE5c5VXFsO9REPWbGIRlunnNxPeV356C399-MBdA&google_gid=CAESEOOfx86uRk9_cHYSynyDzZM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmQ_r7IGsmHLLUelpIgN1TifxJXcZ4ildFWwjYXwxNmlW7AAn97E2bjIQVVE5c5VXFsO9REPWbGIRlunnNxPeV356C399-MBdA
Request Chain 399
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKHJh8REm0inWiEefY2SJNs&google_cver=1&google_push=AXcoOmSMijxwITaGiJvpkqeO575-PNUJOdAs2tF-AyTD10mQGyHIQi87FiZ_mAI4okpL9tylNOyyJfD5ohE34GKqKm1oaGvmVPZwzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSMijxwITaGiJvpkqeO575-PNUJOdAs2tF-AyTD10mQGyHIQi87FiZ_mAI4okpL9tylNOyyJfD5ohE34GKqKm1oaGvmVPZwzw
Request Chain 400
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8MR_-desBbygY_DeLIYaI&google_cver=1&google_push=AXcoOmR6xO4QhTDu8YVKgTr4pMxRMvXkZ48fCCWkEBC-x3fTUZ6BKESvZfEfkLRTtGVP_2I2GhdeAQfevp7WG1rEStIArHzyXr9otQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8MR_-desBbygY_DeLIYaI&google_cver=1&google_push=AXcoOmR6xO4QhTDu8YVKgTr4pMxRMvXkZ48fCCWkEBC-x3fTUZ6BKESvZfEfkLRTtGVP_2I2GhdeAQfevp7WG1rEStIArHzyXr9otQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR6xO4QhTDu8YVKgTr4pMxRMvXkZ48fCCWkEBC-x3fTUZ6BKESvZfEfkLRTtGVP_2I2GhdeAQfevp7WG1rEStIArHzyXr9otQ
Request Chain 402
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_cver=1&google_push=AXcoOmQ_QhDaVmG81uGjkV64iuqv06SsPs3RZHSwZ7qtcFXXRiMwAKrT0Qbe8CaoZdV8_kvma4YOaSQVic7ErFzn2C5jXqIVnhAJ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_push=AXcoOmQ_QhDaVmG81uGjkV64iuqv06SsPs3RZHSwZ7qtcFXXRiMwAKrT0Qbe8CaoZdV8_kvma4YOaSQVic7ErFzn2C5jXqIVnhAJ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmQ_QhDaVmG81uGjkV64iuqv06SsPs3RZHSwZ7qtcFXXRiMwAKrT0Qbe8CaoZdV8_kvma4YOaSQVic7ErFzn2C5jXqIVnhAJ
Request Chain 403
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELVxIBpShjWwdRcvZi7mtPc&google_cver=1&google_push=AXcoOmQCQBgJvCBGY4bR53KmMov-WRXA38Jsr_5cLsZaMyFCLGSk_7jmireDUFcOzTby62wLkA_Mw3C9JLRBW0QanhJK3F99uIPGiw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi2SE8oHWa1S1oXPnV9s7w_PdXz27t80HCw&google_push=AXcoOmQCQBgJvCBGY4bR53KmMov-WRXA38Jsr_5cLsZaMyFCLGSk_7jmireDUFcOzTby62wLkA_Mw3C9JLRBW0QanhJK3F99uIPGiw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 412
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMRxIbiLGVhQkHMd-SRUQQ&google_cver=1&google_push=AXcoOmRTW_1I12q1yMtdHImQKpnDccG8PsPDK6LEqyjS1tSohIfvugwwEccgsIiNmi1jxMbvIoS4gPK5RNYhi-vv7TEIew5J06Fs HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRTW_1I12q1yMtdHImQKpnDccG8PsPDK6LEqyjS1tSohIfvugwwEccgsIiNmi1jxMbvIoS4gPK5RNYhi-vv7TEIew5J06Fs
Request Chain 413
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
Request Chain 414
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKHJh8REm0inWiEefY2SJNs&google_cver=1&google_push=AXcoOmT-XEiuTHl5b7RMTIg-yGpyXW8_8VB6LkIFsw8xFSmlDCzozSu5OoABnbzCMSjdDupGn7l_orTSO0-0aOw8MOutOH0JyfE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmT-XEiuTHl5b7RMTIg-yGpyXW8_8VB6LkIFsw8xFSmlDCzozSu5OoABnbzCMSjdDupGn7l_orTSO0-0aOw8MOutOH0JyfE
Request Chain 416
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTfA7823kkui0JQCCq-_e2395CnR3QwkFZdvuQS7FfqrDAap02XWfWdicfTOInqDdhbI59sihoudjI__WOCyo7_1FX3i1hEPA&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmTfA7823kkui0JQCCq-_e2395CnR3QwkFZdvuQS7FfqrDAap02XWfWdicfTOInqDdhbI59sihoudjI__WOCyo7_1FX3i1hEPA
Request Chain 417
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_cver=1&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQslCPl2i35bcICXzUOe84ySyF2 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQslCPl2i35bcICXzUOe84ySyF2&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQslCPl2i35bcICXzUOe84ySyF2&google_hm=UjNmTGhmOEdUbHZjRkNtVTY2dFA=
Request Chain 420
  • https://fksnk.com/cs/google?google_gid=CAESEEwgvp23sZOFQpkMztGihIQ&google_cver=1&google_push=AXcoOmT1erhDvzaX-jeFRgVMSWj2S6tZxHlddDU1Mmn4m2sVhzNb3pXt0fMjLy3VhsgORqUEe9XnusUh0KB9P88fokR6pAWPCiuyMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDA1NEQxNEM0RTVCNzhDMw==
Request Chain 421
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmQPKrtpUhD2wnV8OfT_rwkVxJI_eX-ZN8ytNC3BONnf4mt1J6FYhzmsUl1clPFK9XcIXzUP0auqRlgmmd6QGq8DFFDZPtpc-g HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmQPKrtpUhD2wnV8OfT_rwkVxJI_eX-ZN8ytNC3BONnf4mt1J6FYhzmsUl1clPFK9XcIXzUP0auqRlgmmd6QGq8DFFDZPtpc-g HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ad1b691f-8769-45e3-b392-23cf3fe70cac&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ad1b691f-8769-45e3-b392-23cf3fe70cac&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3dd40ffd-c734-4b5a-b0d8-557dfdbec814&ssp=google&expires=30&user_group=5&bsw_param=ad1b691f-8769-45e3-b392-23cf3fe70cac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
Request Chain 422
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJTpS67DYAC4Mr1Rry17mVo&c_param1=AXcoOmTuC24woy0owgvgbAv_0o5eTzpMMfRr236pXIZQaYryHE8wjycpz8xL1GgmWOnJTnCIvjvblKxCXhyJBOpAeos6IqZ_uvfJ3w&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuC24woy0owgvgbAv_0o5eTzpMMfRr236pXIZQaYryHE8wjycpz8xL1GgmWOnJTnCIvjvblKxCXhyJBOpAeos6IqZ_uvfJ3w
Request Chain 423
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_cver=1&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMppSoRry-QxPg0NVRYg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMppSoRry-QxPg0NVRYg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMppSoRry-QxPg0NVRYg&google_hm=UjNmTGhmOEdUbHZjRkNtVTY2dFA=
Request Chain 424
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEH6_ycgvgqpSta5SW0ofjzQ&google_cver=1&google_push=AXcoOmSn4NYYiGng20Boblp-5Zzt7yYO6qLqeu1pl2XjZIw8tehyuNjna1UFE2eUjqzy1fQil2KGP-ZfVKTtJEvmlRDvgP5PaHOj_pk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSn4NYYiGng20Boblp-5Zzt7yYO6qLqeu1pl2XjZIw8tehyuNjna1UFE2eUjqzy1fQil2KGP-ZfVKTtJEvmlRDvgP5PaHOj_pk&google_hm=QlMuMjE3NS1jYjI4LTQ2YTYtODg4ZQ==
Request Chain 425
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDfhCWqIOGr3KZKYn6A_eUQ&google_cver=1&google_push=AXcoOmQ8xjL8nbl9-ST86FDIs6fqhfAM0IdJLd3BHRLnHijTCoIw_GQ1Ft1NLg-ED88GgwAHjYjUXtCD9jlzF_Rh9himCUyV1h-d7I8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjM0MGJhOTctOWIzMi00M2RlLTk3OWUtYjE5NDM2ZGJlMDA4&google_push=AXcoOmQ8xjL8nbl9-ST86FDIs6fqhfAM0IdJLd3BHRLnHijTCoIw_GQ1Ft1NLg-ED88GgwAHjYjUXtCD9jlzF_Rh9himCUyV1h-d7I8 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 428
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cver=1&google_push=AXcoOmSyXCDUknkfZbWJR0W4YrGxQi362O3kvqXzg-PK0Yymr_hkJVyQ3IzDQy3zTdRgSROTieKUIlVGJx-zuY8bfMpB3g8lpdD1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cver=1&google_push=AXcoOmSyXCDUknkfZbWJR0W4YrGxQi362O3kvqXzg-PK0Yymr_hkJVyQ3IzDQy3zTdRgSROTieKUIlVGJx-zuY8bfMpB3g8lpdD1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGw5YTMyYnMxUVZ0MEU1&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cver=1&google_push=AXcoOmSyXCDUknkfZbWJR0W4YrGxQi362O3kvqXzg-PK0Yymr_hkJVyQ3IzDQy3zTdRgSROTieKUIlVGJx-zuY8bfMpB3g8lpdD1
Request Chain 430
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTrmuCxNzXN1PMqu0EoMuFJ49PEckHF7omIOXbzAZuYEvZ14i-ObgWLMJMP7nEvi6dJHq2X7A-gB0ayWFFy-apguitaz_rJNA&google_gid=CAESEOOfx86uRk9_cHYSynyDzZM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTrmuCxNzXN1PMqu0EoMuFJ49PEckHF7omIOXbzAZuYEvZ14i-ObgWLMJMP7nEvi6dJHq2X7A-gB0ayWFFy-apguitaz_rJNA
Request Chain 431
  • https://match.360yield.com/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s_03bdqAUbI9ahA HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s_03bdqAUbI9ahA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s_03bdqAUbI9ahA
Request Chain 432
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_cver=1&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZRGnJn32kB1THUAqIigtTpD27Pc HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZRGnJn32kB1THUAqIigtTpD27Pc&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZRGnJn32kB1THUAqIigtTpD27Pc&google_hm=Y3o2MFlURzNCNTNiejVSMkk5X2E=
Request Chain 433
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGlqJgtJeqWKAXVM6bvllag&google_cver=1&google_push=AXcoOmQHUG9fzCTnon9-uiv2tpeDDPLSg10uqXGKF9yIYradw9Rfb-xNcFm_gBQymDzODVWthOaRCWdm28lRu51yGh2dc43UVU46ODM HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGlqJgtJeqWKAXVM6bvllag&google_cver=1&google_push=AXcoOmQHUG9fzCTnon9-uiv2tpeDDPLSg10uqXGKF9yIYradw9Rfb-xNcFm_gBQymDzODVWthOaRCWdm28lRu51yGh2dc43UVU46ODM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ad1b691f-8769-45e3-b392-23cf3fe70cac&%%GOOGLE_PUSH_PAIR%%
Request Chain 452
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmQrf5L9ACrwEuHS3UoHE7ajAASMb_IBEipxdOF-nWnkZECjVkjasGVRRWDMALFjOrbG648gHTJIDbaozfUedhH_d20PI5U HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6215ea709a10166b&is_secure=true&networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmQrf5L9ACrwEuHS3UoHE7ajAASMb_IBEipxdOF-nWnkZECjVkjasGVRRWDMALFjOrbG648gHTJIDbaozfUedhH_d20PI5U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH4q2CjXp3CQMaVCv5AAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_push=AXcoOmQrf5L9ACrwEuHS3UoHE7ajAASMb_IBEipxdOF-nWnkZECjVkjasGVRRWDMALFjOrbG648gHTJIDbaozfUedhH_d20PI5U
Request Chain 453
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 454
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTVQ9c-RZWQtbCRG4FJhMlU2NgHiJiH3krmGXDd2cC3PlqdIOvP4hVWBkbqiayUYOyACGnsOV6nKx9uOB7VGo2Jl7yBepM&google_gid=CAESEOOfx86uRk9_cHYSynyDzZM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTVQ9c-RZWQtbCRG4FJhMlU2NgHiJiH3krmGXDd2cC3PlqdIOvP4hVWBkbqiayUYOyACGnsOV6nKx9uOB7VGo2Jl7yBepM
Request Chain 455
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8MR_-desBbygY_DeLIYaI&google_cver=1&google_push=AXcoOmSCXMvorMrpaxEo5CqvSyUyT0MMRbDx3XZXF2u-H0hUD5Pu7yINtR0C1QpRFclsKAEKQJ062ZvgRHqccQDd_M6L7cfJG9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSCXMvorMrpaxEo5CqvSyUyT0MMRbDx3XZXF2u-H0hUD5Pu7yINtR0C1QpRFclsKAEKQJ062ZvgRHqccQDd_M6L7cfJG9g
Request Chain 456
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEHFLsC_1suctXpQfyeIxcOQ&google_cver=1&google_push=AXcoOmT_G632m-NbTA1T0_dEGTpefWL1_ZlBICpPzhFgINu389Y0FFLGY2KNv31CDgBMHAwHEMlcttugLgc-3OzdZKOtg7XYJyI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGM5MDkzMTQ1ZjA2NDBlNDljMmJlMmI3YjFkYTBjOTA%3D&UIDF=CAESEHFLsC_1suctXpQfyeIxcOQ&google_cver=1&google_push=AXcoOmT_G632m-NbTA1T0_dEGTpefWL1_ZlBICpPzhFgINu389Y0FFLGY2KNv31CDgBMHAwHEMlcttugLgc-3OzdZKOtg7XYJyI
Request Chain 458
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?ext-param=AXcoOmTPHXjBnbIxu3qK3yDrReDOrmrO5bizZA8DbfkRE5IqrBq4ugVwaB0Lwd_DlDknK5FUwMICk6ikyNYhVIohBm4XGZSHMhiJ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?redir-setuniq=1&ext-param=AXcoOmTPHXjBnbIxu3qK3yDrReDOrmrO5bizZA8DbfkRE5IqrBq4ugVwaB0Lwd_DlDknK5FUwMICk6ikyNYhVIohBm4XGZSHMhiJ&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKebHHQsc64MzgT-D95Etl8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 483
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1698198517383
Request Chain 484
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDQ2QUE2REMtQkM5Qy00NzQ5LTgyN0QtNkRGQjIzQkQ4RUI1&gdpr=-1&gdpr_consent=
Request Chain 514
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENHRa9qFRqHcBaUSmjbvD1I&google_cver=1&google_push=AXcoOmQa50M2xO-Ht0Fn0bdrl0Zi5c-lYHruVOrysEnwjjh2F7si4OsOdVEF_Fm573dfzK6o59mhZPkHw9JODcctwLp5F2iYA54C_A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQa50M2xO-Ht0Fn0bdrl0Zi5c-lYHruVOrysEnwjjh2F7si4OsOdVEF_Fm573dfzK6o59mhZPkHw9JODcctwLp5F2iYA54C_A&google_hm=hmU4c_TW-va2KgCG9w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D653873F4D6FAF6B62A0086F7BLIS
Request Chain 515
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMRxIbiLGVhQkHMd-SRUQQ&google_cver=1&google_push=AXcoOmTbx8TI9QJ-hfK4XMoH_5l2_EwX486_vCnETNTqfoWa2qZshFZiokDJVJMiVCtOestVXngoOB66aujHZQwu-0bpLSUl0NQ- HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmTbx8TI9QJ-hfK4XMoH_5l2_EwX486_vCnETNTqfoWa2qZshFZiokDJVJMiVCtOestVXngoOB66aujHZQwu-0bpLSUl0NQ-
Request Chain 516
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKHJh8REm0inWiEefY2SJNs&google_cver=1&google_push=AXcoOmSTCdCuAa6jfOLjkAIGuOFwsfdzQ3NaGBCf_IvpdmouEeytYev5sBGOF7dtsrO9jifjcJEstYAzruXST7kzHYom2DpeWEjmJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSTCdCuAa6jfOLjkAIGuOFwsfdzQ3NaGBCf_IvpdmouEeytYev5sBGOF7dtsrO9jifjcJEstYAzruXST7kzHYom2DpeWEjmJg
Request Chain 518
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_cver=1&google_push=AXcoOmSINb_zH3GqH4KO7dQSdaNnoXoQi-Gzo-pFxBPvGepwVf_YXXIFwa14CtBR2--j94zuBrgIimwRYp4ipOuBlyQh-gUPMyZcUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmSINb_zH3GqH4KO7dQSdaNnoXoQi-Gzo-pFxBPvGepwVf_YXXIFwa14CtBR2--j94zuBrgIimwRYp4ipOuBlyQh-gUPMyZcUw
Request Chain 519
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEE61yV3HPKtvnudnQKbAwaA&google_cver=1&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP_lv7HIZQgZRL1nkdNEtYKzr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP_lv7HIZQgZRL1nkdNEtYKzr&google_hm=WlRoejlNQ284WGdBQUxhWHpnQUFBQUFB
Request Chain 520
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQLIR4HzXh_cSHI0bfHgFwGcwbuszoqCFDfnz5yEOu7uuI7LMfc96jGawm0i7O8XBHOvnThVEsmshlmk3OP9SW5NhiCRlaTSdU&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmQLIR4HzXh_cSHI0bfHgFwGcwbuszoqCFDfnz5yEOu7uuI7LMfc96jGawm0i7O8XBHOvnThVEsmshlmk3OP9SW5NhiCRlaTSdU
Request Chain 546
  • https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=ed000cc26ecc6fb9504d HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=ed000cc26ecc6fb9504d
Request Chain 779
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F2660113330141EEAE1DBA79DCC37014&RedC=c.clarity.ms&MXFR=1F83B49711A0641805C4A72215A06A4D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F2660113330141EEAE1DBA79DCC37014&MUID=0573BD532185617B1FD2AEE620F56084

790 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
folkd.com/
Redirect Chain
  • https://www.folkd.com/submit/movecasino.net/games-casino-online//
  • https://folkd.com/submit/movecasino.net/games-casino-online//
  • https://folkd.com/submit/movecasino.net/games-casino-online/
  • https://folkd.com/
16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
cc18a8df40e42c4bb73e54f94bc62e2baf9d551dcfdfaeb1fc8094cf3bd562f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
81b6cc1548da3808-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Wed, 25 Oct 2023 01:48:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOIZy93g4CvrRUdtZig0oK9vrObICygLYDFvlbY%2FobFXu1eC4K6b7kM5Fi5o54Xlb9NwwlSgOLpeYeHqvzlKm4eIqSyLsT2jPUlbIvT%2BGzMO3A9y5RIFaC43oUN333SuMr6iWTTc39pVYuev%2FR0jnKwfcZLnT%2BtKD0Nn%2BDq9LCLyudUunw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Vercel
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.121 unit-seconds used
x-bubble-perf
{"total":112,"percents":{"top":{"bubble_cpu":46.7,"block":52.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":56.5,"appserver_cache_misses_time":0,"redis":68.3,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":5,"derived_cache_memory_misses":5,"serverjson":121,"appserver_cache_attempts":3,"appserver_mem_cache_hits":0,"appserver_cache_hits":3,"appserver_cache_misses":0,"redis":66,"fiber_queue":56,"blocks":55},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":7844786}}
x-coalias-cache
MISS
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-vercel-cache
MISS
x-vercel-id
fra1::grn2l-1698198505793-f9a858a14f38

Redirect headers

cache-control
no-store
cf-ray
81b6cc14eba79bcb-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Wed, 25 Oct 2023 01:48:25 GMT
location
/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmJ40uu7YbBu6nN11avEcK6bSrayX7TCcFBxo36Axv8EwXl8k2HquryZnEd%2FalCSD6jHXMMm80i0oxWJ7n%2FKvjNl5hxEeXmAwzrqOB%2F5JQNNHOtgMTvUP936%2FwrGz6wQbUQ5ufLdGJG8IpCSg2BTmnHWo8aPx2FI%2FwSUhrv8%2FGh0ZnjdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Vercel
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-vercel-cache
MISS
x-vercel-id
fra1::8d44s-1698198505733-be2ab01f3b40
coalias_meta.js
folkd.com/ 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd.com/coalias_meta.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::khj6x-1698198506183-d70304188c09
age
2339206
etag
W/"162388d1b605b8c339e98419fcdfbb9d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_meta.v1.min.js"
coalias_page_logic.js
folkd.com/ 		1 KB
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd.com/coalias_page_logic.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::4ggss-1698198506183-e6802c1cd3ae
age
2350132
etag
W/"c01471c249877474d63c6beba5d7cb51"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_page_logic.v1.min.js"
coalias_static_rewrite.js
folkd.com/ 		616 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd.com/coalias_static_rewrite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::hxgf7-1698198506183-0dc5b996ce8e
age
2382838
etag
"142bd05e9b948e2640c9647c7734ee4b"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_static_rewrite.v1.min.js"
accept-ranges
bytes
content-length
616
early.js
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b// 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b//early.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":7.4,"percents":{"top":{"bubble_cpu":26.8,"block":57.3,"capacity_rl":0,"other_pause":0,"pre_fiber":7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":56.4,"fiber_queue":2.7,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":296979}}
server
cloudflare
age
9417
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.005 unit-seconds used
timing-allow-origin
*
cf-ray
81b6cc1a6dda0204-ZRH
x-bubble-capacity-limit
0 ms slower
run.css
folkd0612.bubbleapps.io/package/run_css/859f03e86a2ace26ad184e08d93a17f224597b3e5ece0a4e9df350eecfdb4930/folkd0612/live/index/xfalse/xfalse/ 		628 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/run_css/859f03e86a2ace26ad184e08d93a17f224597b3e5ece0a4e9df350eecfdb4930/folkd0612/live/index/xfalse/xfalse/run.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5023186c37628cfa31837ac7a5ead838030bb824a57189c0e6695e40998782f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":69.9,"percents":{"top":{"bubble_cpu":41.8,"block":57.3,"capacity_rl":0,"other_pause":0,"pre_fiber":1.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":23.1,"appserver_cache_misses_time":0,"redis":57.2,"fiber_queue":5.2,"capacity_wait":3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":28,"fiber_queue":35,"blocks":34},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":4382065}}
age
363036
cf-polished
origSize=800193
x-powered-by
Express
x-bubble-capacity-used
0.067 unit-seconds used
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
81b6cc1a69d224c2-ZRH
x-bubble-capacity-limit
0 ms slower
run.js
folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/ 		4 MB
827 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cf2e87476221a317258bbc4cc5df5f8f4cdf7c20e2a42750b312e708a64c60f0

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":8.6,"percents":{"top":{"bubble_cpu":34.1,"block":44.5,"capacity_rl":0,"other_pause":0,"pre_fiber":5.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":36.5,"fiber_queue":3.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":439889}}
server
cloudflare
age
363037
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.007 unit-seconds used
timing-allow-origin
*
cf-ray
81b6cc1a6ddc0204-ZRH
x-bubble-capacity-limit
0 ms slower
static.js
folkd0612.bubbleapps.io/package/static_js/e77d51095d9a6d49b02eda55caea35db1df70c7d886bcef75531cdab1b091c8f/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/ 		1 MB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/static_js/e77d51095d9a6d49b02eda55caea35db1df70c7d886bcef75531cdab1b091c8f/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f9f17f69f000240d17bc1180cb69fe018ec19019b3889a2843f2242d959f7bf6

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":53.5,"percents":{"top":{"bubble_cpu":64.8,"block":33.8,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":110.5,"appserver_cache_misses_time":0,"redis":103.9,"fiber_queue":2.1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":57,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":26,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":5195808}}
server
cloudflare
age
363037
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.08 unit-seconds used
timing-allow-origin
*
cf-ray
81b6cc1a6ddd0204-ZRH
x-bubble-capacity-limit
0 ms slower
dynamic.js
folkd0612.bubbleapps.io/package/dynamic_js/903c1ac09aed3106f41ae133b2a55f58ea82dc51623c9b3bddfa8a6e4a7b3b87/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/ 		2 MB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/dynamic_js/903c1ac09aed3106f41ae133b2a55f58ea82dc51623c9b3bddfa8a6e4a7b3b87/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e47216e546fc925876dc07ca8ab449bdb29a6bfc3b6631a3aef96eb1f1c922b7

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":21.1,"percents":{"top":{"bubble_cpu":52.6,"block":42.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":10.7,"appserver_cache_misses_time":0,"redis":27.1,"fiber_queue":4.1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1663653}}
server
cloudflare
age
421122
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.026 unit-seconds used
timing-allow-origin
*
cf-ray
81b6cc1a6dde0204-ZRH
x-bubble-capacity-limit
0 ms slower
iziToast.min.css
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/iziToast.min.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3138905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9391
last-modified
Mon, 04 May 2020 16:11:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ebd-a221"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKFTcUg3stM48lrkEPrglXABnZFgib9q%2FUEQDjNClTFWpu5eUiUE3ljGlV2nY%2BCsedN4nhXLXqGD6hrEvvOBX8YL4P9tzDXpVjce%2BTpdHLN8h7RFAtufN31H9RkTBGa7vXtLqOXl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b6cc1a2a2a23af-ZRH
expires
Mon, 14 Oct 2024 01:48:26 GMT
iziToast.min.js
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/iziToast.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3138961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4440
last-modified
Mon, 04 May 2020 16:11:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ebd-4836"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvXysnBRweebz4ezQ6VZzJTq8Zy%2FgSMg1v5dZiNIkwGGj2RqRrYle%2F5ux8o9hDGI5yKl5YkO9WdIgnrJtPqjdr%2BIw9aWBzy8umzTAGEdJQqHJ8UJ7D%2BPyueasFhn23p0FmSDoOb7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b6cc1a2a2b23af-ZRH
expires
Mon, 14 Oct 2024 01:48:26 GMT
openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42327
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230044-FRA, cache-yyz4573-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUYW37w59qu81l2ooETq0X08USQf0kTXx8eg0oQ8poqC%2FuZy6cOjHvKUNtHtPaC5Ys9Xeyqwi8xY%2FHaqxQH7FnbLJbleAU%2BtE5sOrYKUP6W6Zbxu0M9cZSvI9ZUt1Y0ukFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81b6cc1a6a0023f7-ZRH
xano.min.js
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39883
x-jsd-version
1.0.21
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230033-FRA, cache-bma1652-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7lwKGorG0D1xqsPDvHiJH%2Fg1WfdAb4cjP%2BnPJ3rCubkUTO3La6Zbk3Zmeu0K3IiviWyZw0uYVIJQ%2BGgsNKjXIEPynZDzbQqDV0hjfL3SDgtSnJAbbH23FGTjaBDlwdGeqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81b6cc1a6a0223f7-ZRH
65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
monu.delivery/site/5/d/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
d1f02c13c0de313a4cf40ee26180650e12fdc23add1abf4f5b4139bdfef165d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPpY1DrMIa08RR1hEv6dnxMaQzBGlvjFFAliXA9aSeKGTRSjjgaNd0EyWZkwZ4BJTpcH7ujjLRrG6UrQz7oKAESwCC0sgdjF
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1698135437424492
content-type
application/javascript
x-goog-hash
crc32c=fpnEZw==, md5=ps9R4hArvjkZCQU61UGYvQ==
cache-control
max-age=7200
x-goog-stored-content-length
50719
expires
Wed, 25 Oct 2023 03:48:26 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
73e8ed3b475d329e634beba729217d431b45ea9d35d44d5d675195135caab4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 25 Oct 2023 01:48:27 GMT
/
js.stripe.com/v3/ 		544 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e29c5303aac2bb163ca8185428d9a1d79bc34ad72683007c44f93ea13345dfb9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 25 Oct 2023 01:48:22 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
age
11
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Tue, 24 Oct 2023 20:41:04 GMT
server
Cloudfront
etag
W/"366b09f5f62c9e7de2b1183e0ee1895a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
xEvl0JSlcoqGqucFo0ID8P-0OlMeBVzxc1M8gtJdBQaRvKQvhovTSw==
css
fonts.googleapis.com/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b//early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
2bd61072fddb7d64c22fa244070964af040c1ea3262f22f1594a182664e915c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 01:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 01:48:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 01:48:27 GMT
data
folkd.com/api/1.1/init/ 		706 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
6bbc6a34ad99493119df9fc75ef4855231bb74fffa4148445d40e55026a2680a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://folkd.com/
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk4MTk4NTA2fQ.kOAOzX8So6TawJm4z08psTzbFURi4e8DdruBW6Jqlzk
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:26 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":23.8,"percents":{"top":{"bubble_cpu":20.6,"block":71.1,"capacity_rl":0,"other_pause":0,"pre_fiber":2},"sub":{"pp_userdb":8.4,"pp_wait_userdb":0,"http_request":0,"serverjson":3.4,"appserver_cache_misses_time":0,"redis":49.9,"fiber_queue":2.8,"capacity_wait":8.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":5736422}}
x-powered-by
Express
x-bubble-capacity-used
0.088 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::4ggss-1698198506681-27a4dc7c237c
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAkWjrSQ3GkrDtSUA9BYeG5uzE9wmu3NsDsZN2NrDA0lupmCuNd3fqC0K3qTdvqusmNx6WBNcQIQPez6Af0m6gYPTnob1Y7g6mIE381o6NArNhQbBj56m%2FZGTe8uY%2BH4JDYBmRWfTbsyDNLqesRecvTcS%2BnyeShLGCkKZTsTCyCKRflvcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0, must-revalidate
cf-ray
81b6cc1ada38380a-FRA
x-bubble-capacity-limit
0 ms slower
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/903c1ac09aed3106f41ae133b2a55f58ea82dc51623c9b3bddfa8a6e4a7b3b87/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
b6ec7b998324bc41dbd7b3610f9cb6c649b0db416a9f1b567a7136d440478428
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 25 Oct 2023 01:48:28 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3126373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15241
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c9b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lToH%2FISIi7HKs1XXA3GH3JpydZLOVeZiTOAAK7ecrj%2BeJLaIyXE%2FBlIdZHx2kBl%2FiqJVBpHiVvZ0RA058v54Kb%2BwGFfKkxlOB4ubjZlZISjULYnZMEFzEv8oW1YHvDAjtyxQFtVh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b6cc216a6023af-ZRH
expires
Mon, 14 Oct 2024 01:48:27 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:46:00 GMT
x-content-type-options
nosniff
age
28948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Oct 2024 17:46:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:27:54 GMT
x-content-type-options
nosniff
age
458434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:27:54 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:39:37 GMT
x-content-type-options
nosniff
age
508131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 04:39:37 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v32/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v32/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:05:27 GMT
x-content-type-options
nosniff
age
448981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14256
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 20:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 21:05:27 GMT
ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:06:11 GMT
x-content-type-options
nosniff
age
459737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26244
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:06:11 GMT
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 10:34:56 GMT
x-content-type-options
nosniff
age
141212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27824
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 10:34:56 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:27 GMT
content-encoding
gzip
age
909
x-guploader-uploadid
ABPtcPrcme6h0vNqqhuY1lMx5dAa_ABxfjclgeNwRvDDlOLENUa58HKCUCTENHpN0qZPnNuTW4nCepWqzj50xcHfz7jmtg
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Sat, 19 Oct 2024 01:48:27 GMT
hysaayfb9e
www.clarity.ms/tag/ 		650 B
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/hysaayfb9e
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1071f618f391c136dbe3225843c3b40d05ae69332a94f77361bed39ab840a461

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Wed, 25 Oct 2023 01:48:27 GMT
x-azure-ref
07HM4ZQAAAADlF0k1KI7SS5RnKb8ptIekWlJIRURHRTA2MjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
650
expires
-1
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
monu.delivery/sitesplit/d3/0.9.2/5/d/ 		531 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/0.9.2/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
1eb81f9db9a3a50b0fdaa21827fec28e2e56a5c0500ab8d1942d08f5468b4888

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPpFlPMcYKlfMwTylZuOrey64oy-Lfkhzwps0Rq0WHkCCOZA1pApiEDosZklMQmbpLVBWSlfFTrFfrlka-6N7rDRXg
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1698135440402843
content-type
application/javascript
x-goog-hash
crc32c=dcD/0g==, md5=pmQUa6JG885NoiI1WvPciA==
cache-control
max-age=7200
x-goog-stored-content-length
542869
expires
Wed, 25 Oct 2023 03:48:28 GMT
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 13C8 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1689
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 25 Oct 2023 01:20:19 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Mon, 16 Oct 2023 20:06:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id
5WHGndhrAMZlMyOM_jkrCd4o8IGBKwMeUNe4sClgS43zKsDoScfViQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 01:48:29 GMT
expires
Sun, 27 Oct 2013 01:48:29 GMT
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 01:48:29 GMT
expires
Sun, 27 Oct 2013 01:48:29 GMT
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
x-amz-version-id
NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
R1GZM2BE5VSMSW5T
age
44526
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
6eG5KHqFJPzCM9gnBp1x1N5WZMUTwNFipuqzIQZ1EwLAX0PGeZNjvdY0iuUxy9Fxr4h4rm3KPsrf3QlOvTBKYA==
x-amz-meta-appname
folkd0612
last-modified
Mon, 20 Feb 2023 12:50:07 GMT
server
cloudflare
etag
W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
81b6cc25edc124c6-ZRH
me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ 		162 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sun, 27 Oct 2013 01:48:29 GMT
suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
b9501c23317d084c5acbb22adaa0038a50700a68089e286fb9ad82c2f741aa22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sun, 27 Oct 2013 01:48:29 GMT
magnifying-glass.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		276 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/magnifying-glass.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4802186f6cb20846f699483e25a99a51ba958a3b00ec07f124c46a94800b3e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"114-kQKqpN6Fzv24NlTHkXKL/4wb5Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkJSIZKppUu%2BK4jrfwT3QzEC5HQEOZBDYYohPvtpEehP5jcW1bhtp5JtkGcT1JuIAiRQdzLouzz%2BVfTNZplvyMV0ZyXNsh8UQsSbCc5RBFxrCwIJ%2BeN9ELtAXUCYF9Lagx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28aa7201f8-ZRH
hi
folkd.com/user/ 		57 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/user/hi
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
e641c6b75fa3b939b3976151fb30cdc12f4f07ac27873044e1ec2d7c5a04e459
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1698198507747x856358312400972800
X-Bubble-Fiber-ID
1698198508444x886226431044279800
X-Bubble-PL
1698198505982x809
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk4MTk4NTA2fQ.kOAOzX8So6TawJm4z08psTzbFURi4e8DdruBW6Jqlzk
X-Bubble-Breaking-Revision
5

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":9.2,"percents":{"top":{"bubble_cpu":24.5,"block":62.4,"capacity_rl":0,"other_pause":0,"pre_fiber":6.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":3.5,"appserver_cache_misses_time":0,"redis":60.3,"fiber_queue":3.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":339618}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.005 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::d5hb9-1698198508465-8c6892fd1df5
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lfoDahJ570dMOxOhdcDZoadhjyTanwZjEzc9TpO8Ra5r8X6rnpvP4WqMhZbefVFgmB5mHMfmjpGeer0cRNv%2F76UQSfBuEC1CskkdF7w0JLgFTBQlMIrr955Q0SB4uuk2cGT09XVeFYchm%2FnbwmHMmLGpbQ%2BagLUcpUwG3aZhs2geGEHng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
9
cache-control
no-cache
cf-ray
81b6cc25fc673731-FRA
x-bubble-capacity-limit
0 ms slower
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yWYceX4qBjY5BmwUcslmUXdw%2BmInH8MVApNQVUk6tjqHXLOsf7IBPMOHtjS6bpQ%2BbR%2F%2B8VM8TDN5QS53pb5hpVdQaAyZlE8HI%2BKc9%2FpyAXIgTyTEODkfgUvNI5THXCtL5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7901f8-ZRH
magnifying-glass.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		276 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/magnifying-glass.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4802186f6cb20846f699483e25a99a51ba958a3b00ec07f124c46a94800b3e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"114-kQKqpN6Fzv24NlTHkXKL/4wb5Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fo4LU5V3YL8XMzYy0wYHcliWy0AalPucVC%2BDFCjyQwdAXuEZ4L7JtKYifeFcRkr6GhqR%2BjdZHQSwCedV1lDaWW9ixs2mEZx%2BWD0xtCIZqV9Jgv0nE3wTv6oLvbQYZ298zVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7a01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejUK%2BekiCTqTycehmDenc%2Bs7LKZSUaAsXwuZnckvgNlFu2sWSjAa7Cqlwy8mVb55mU4AxxPhbFRdPlU5Ep6U9vNr5tOwVyFSriBoujWTD%2B%2BddjkkMg0l4yR2rxlBi%2F7ywlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28aa7401f8-ZRH
link.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
526436
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230095-FRA, cache-yyz4520-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDWsRq16un8Sk4TK%2BQzKIexe1%2FGb1dEs%2FmBhh9915yb7Ywor%2BxD7rQmRSVQ5tO3LuNddNtgsFa6R4M3VPYGsjDv9ZD7qOxD9LOk%2FGCIw%2BpSgu6le5YlXyUl2oREXr6M0CNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7b01f8-ZRH
arrow-right.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		238 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-yyz4532-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehbXPHGlow1oRxeDlJLkVQMVQL3AXYJ6B5BasbPLVrT4bFSX2dSYJdyf1VOW06nARWTX6rbr3FuQwNUznQieSQrooQj1dwsmT%2FhOtV1PKP4gRlIbH%2BcKNPbQ5hkRNDjLQts%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7d01f8-ZRH
link.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
526436
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230095-FRA, cache-yyz4520-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F43jKvxavUNKOQgAJkBKrcWv1SrOt2E%2FAE6LGNAtAAbWKxRjXj2DM19TdTJ6kJ5HEIB9GI92MVQOOKU7kCZdUaeQ2jTJModXNcgbrkjq0kzuCjKk3fbRe%2BoBcJWQw%2FDmzGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7c01f8-ZRH
arrow-right.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		238 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-yyz4532-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ug2OQp8slHycoj7q2BMm8afqPB1cNXhh4LTYg%2F2pVDWoLhMgMS3Kb4tCn1dZU1YaqOWCwY2nVHbc%2FZkZ4dAH1cqJgy%2BuTxkhmx8%2BV4ciqN2kXZRl%2FdwFYSCSToP7PegnBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7701f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872687
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0SYuX8swq64%2BfScw17%2FPt8i5BSk2rwkAEqK3HSLPk19%2B4NET6IRdXuJZOUpkEaoRIN5FZo4IxZ8LOgluEB8sua3kWfwhq0iY1iB%2FLskbzmVDlL6s4w4U4UrshcShAmSydE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc28ba7801f8-ZRH
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 13C8 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 25 Oct 2023 01:25:32 GMT
x-content-type-options
nosniff
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
age
1376
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 06 Oct 2023 20:54:32 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hZpT-ua_cW_DaZd7eneaXPKYjIf8bLfev5XSUtcHpK8KmwiciKzhtA==
csp-report
q.stripe.com/ Frame 13C8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1698198509601580
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1698198509601250
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 13C8 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1698198509601562
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1698198509601303
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1698198508606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 01:48:29 GMT
expires
Sun, 27 Oct 2013 01:48:29 GMT
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 		35 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1698198508606
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
ad3f44a2ce5fea185b1678c33fb822099d7bb0f7d4b27d834950e686eff041dd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sun, 27 Oct 2013 01:48:29 GMT
clarity.js
www.clarity.ms/s/0.7.13/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:28 GMT
content-encoding
br
last-modified
Tue, 17 Oct 2023 11:58:02 GMT
x-azure-ref-originshield
0zoo3ZQAAAABqjR60C7IaRbx/3uEklOjORlJBMjMxMDUwNDE4MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBCF0850CC9F3D"
x-azure-ref
07HM4ZQAAAAB0hBOh5bGIS4UFCgyR+RNIWlJIRURHRTA2MjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
be297ec9-701e-002e-2ec5-057ccc000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 19:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190291
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 19:05:51 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3an0v9135293448&_p=1371445820&cid=153657198.1698198509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698198508&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 608D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Wed, 25 Oct 2023 01:48:29 GMT
expires
Sat, 19 Oct 2024 01:48:29 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ABPtcPq9Dm1r1Q1S5rHpDXsMnf9vXDmybxiRRfbQcySvHRyPOYrVfRmuMatpSP6eZw1RWP7hrAV9qe8Sf9PY1FquuDR1yimfpSxZ
m
folkd.com/user/ 		4 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/user/m
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1698198508692x123086601544995180
X-Bubble-PL
1698198505982x809
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk4MTk4NTA2fQ.kOAOzX8So6TawJm4z08psTzbFURi4e8DdruBW6Jqlzk
X-Bubble-Breaking-Revision
5

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":9.8,"percents":{"top":{"bubble_cpu":22.1,"block":51.3,"capacity_rl":0,"other_pause":0,"pre_fiber":6.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":49.8,"fiber_queue":2.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":325239}}
x-powered-by
Express
x-bubble-capacity-used
0.005 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::j55k9-1698198508810-9f2caa7b56fb
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4HrZytnz7zbbyM4NDSKdJQ%2FBFTQO5f5fERjkCpJNokxTS3UTeMuWNsksWqNbmni3IMGGiXCZi2nRbfOtWUa3Z9WV7XbMJviV9SkMVHRwTIn5GhiDk4VPg4eFFqQcNwcz1KEXEl5w55aIG9PKl2IVyZRhpWTnIaWQ6B3v2uVFhAx8Yqhww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0, must-revalidate
cf-ray
81b6cc282aa79b9b-FRA
x-bubble-capacity-limit
0 ms slower
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		404 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99fb0cff846ea41bf8485f9f68e0ef05415d71831f9ccadeaf77138518b2cbb1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 25 Oct 2023 01:38:51 GMT
server
cloudflare
x-amz-request-id
DFSSW2B6K735JHYX
etag
W/"7a80b757f4ca0720a3aee2b0ee8ada88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
81b6cc2d0d3e020d-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NnhlJbBEFZY9NCXBnzmrXM7yfAPEyRSk0KJrPmPcKN0EJr5elUiEioHxLrqDFDnX/yaOwFIIiq0=
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8eaf27f165f42f6d013c02fb5cdb1990370ee4d372fb1a55d7d428202d63e949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29439
x-xss-protection
0
server
cafe
etag
537 / 19655 / m202310190101 / config-hash: 6386123563653736403
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:29 GMT
inner.html
m.stripe.network/ Frame FBAA 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
109
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 25 Oct 2023 01:46:40 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
cW8Gsu3-_De7G1c4gXkC8qQdbrP8rjwshKSLVslH3QHZIPWfdr0Txw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Wed, 25 Oct 2023 01:48:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
apm
folkd.com/user/ 		4 B
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/user/apm
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1698198509434x777693897893208400
X-Bubble-PL
1698198505982x809
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk4MTk4NTA2fQ.kOAOzX8So6TawJm4z08psTzbFURi4e8DdruBW6Jqlzk
X-Bubble-Breaking-Revision
5

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":24.3,"percents":{"top":{"bubble_cpu":20.8,"block":7.5,"capacity_rl":0,"other_pause":0,"pre_fiber":71.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":6.6,"fiber_queue":1.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":760131}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.012 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::cpf7r-1698198509485-9c302b23d5f8
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHZKe8DezaBtGbIiyqQOc7ielmgOdpLvqDHtPfmWNbuAe%2BeklVS4pSSX2PzMaWjr7it6yzVG28KdU8y%2FRW99dLD0veW9LtLM4Z5xg19gEgCHo0sItncekrW6RRA%2FUX99tgv5kLagbn3gK2XLQnGs8Td%2Bi5jnPdrX6oFVLMFAu09N398KAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
24
cache-control
no-cache
cf-ray
81b6cc2c8cda4d3e-FRA
x-bubble-capacity-limit
0 ms slower
csp-report
q.stripe.com/ Frame FBAA 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1698198509808001
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1698198509807461
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame FBAA 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Oct 2023 01:47:00 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
age
89
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
iO903hT_0Eps4CDoqQt0kTLmaXN_VTrKPq5Vcox07O1M2OsC-Ta7aw==
mmt.gif
imps.monu.delivery/ 		37 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=p.d.l&u=JYM01M&d=%7B%22b%22%3A%22chrome%22%2C%22c%22%3A%22CH%22%2C%22r%22%3A%22SG%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551339
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
6
m.stripe.com/ Frame FBAA 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-50-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
64a5d79297234d8f9241fde2aa2b31a984ed18ff8e151da410800291cb43d3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1698198510336476
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1698198510336195
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 13:10:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
45501
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135316
x-xss-protection
0
server
cafe
etag
9779678222609117831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 23 Oct 2024 13:10:08 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551339
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27747
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGWbwElyJuwI4EPKr76H0DqNqMiU1xWvfMc9C7Jz8ZDduP7ATif2ePxBaTYys0vArkvb2ACXbwIvJciizrU0gWW%2BAP6PceVKeD%2FGpog7I2TJZEoWRelvrPGtihCVovcBY8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81b6cc2f0ccc23f7-ZRH
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
E2HPME64W37WZR1J
age
1696
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81b6cc31aeeb59cb-MXP
x-amz-id-2
WGcqbM1zsM+vWSGhEArHhIa8PN8zSohdH/iIsihV2/vefvmj/wSRgLGNqdcdh5DHpJM/1/vAfRo=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 04:27:21 GMT
content-encoding
gzip
age
2409669
x-guploader-uploadid
ADPycdvBYmC4PgLzsLJIA894B5g2PkDCL__fBZjxcqEcFhjWy_N2njp16oilhyxFEUw1SMex_uifF9Gbyeo8Sz9Z3Y65Fg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 26 Sep 2024 04:27:21 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Oct 2023 01:48:30 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 02:45:51 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
82959
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
5XAV5gumxncH3NCri5p4-1yn0jiarnY7cqkfxDJaLbv79uPDltGG0Q==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 24 Oct 2023 06:40:14 GMT
Via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
68897
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
UuHTRFZzs9HTsfpHVwSjMPo6mXHQQvKJ1qUgdnD9_RE9uv1HxAX1aQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
a564d7369d3ba085388bcb5ac811729d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=588134280665934&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698198509895&lmt=1698191309&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEhkKCnB1YmNpZC5vcmcYwrKTpLYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMOyk6S2MUgAUgIIZBIUCgVvcGVueBjCspOktjFIAFICCGQSGQoKdWlkYXBpLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjCspOktjFIAFICCGQ.&dlt=1698198506158&idt=1847&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
670923a9ed3815341743c2981b520f42591be0994cffc385af44b81a95f02b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20326
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A18C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0814ceb83311ca54fa848a9a31915d46a05013536d38aa50abebb7cf223edf57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 14:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
42220
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13704
x-xss-protection
0
server
cafe
etag
12852200075146428686
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 23 Oct 2024 14:04:49 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
E84P7V29KPVBNAW7
age
115172
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
81b6cc2f8800020d-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hcpgoTZ+eTTgUOSlmIMNJ1W3JAxsw8DLxiJN7l9VRdrF4RAeLb8T5iA1RkfCDXFymoMZuQ1xQGJf+4k2W7M49NLxLfWm51Ay/hdjzc/b5TQ=
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f5h39vLj0bOd5YdL5QnuPdjqLxfo0I9QHvBjRm08JGe86%2BULtXtX4A61Lp8xd3TP4rffN%2BnCW4E0Byq6MlWF%2F8dtlYOKYMXU20QVHbnIwIsd3KTyPPgg%2F5s6Uath1R3Ga0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30b97c01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8do8U1Tcf24%2B7qUbGMkIxq%2BhvKccry5FD440c0C%2F3OOtjdOrg5Y5nMeOuhRGg6rrDH3D9UnUq%2FdoCcLqB0lkU2sxuQJCFpOOU6u%2FRqIi6M7FKgwwjRrsNEho0iAo9oWP7oA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30c99b01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohqLRpAt5jgpThdHKgoUfJAtXTKY7chNZfoKp0UtxKeMLZFjAyJcEBqCGLR9wkXv1brJT%2BTRU9mfmeBK7U%2Bgypt6eHnSMvCduNjc%2BsISvpDpgjFb4d9JAyUQ5uSCZWPaAl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30c99d01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIAyseFH89equL22fqCpNiyxVc4oyku74WkvX9SqRaOGC0mLJF2zwXqhH05B6DH0%2B9tg9oI%2FANgEfLOxjkEahSao76ETOOWS8emXhUaPK5PWHEolYvt2DE06xSg%2B5rOsvj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30c99e01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q1HW1BwLq%2FuWlqu37BrDgdi8zCxhOhcmrdlFD9aXTShWqBmEL1fkUKrhIdD9WD2SrztFcV%2BttdfpcMf5VuOjoJ%2F7RItBNodhLWrjQPe%2FiPlTCpNciBPOGxWrlVqMhFRBqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30d9a201f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wMWyaLvMfzhOfTyZLbCEyls4LPiT1XRdaLEkwV0TPRSXq5Pyi9aciMFVZHT8diYD6CpnvF5bRlMnHL9F2uAUZ4U55zrGVX5TEpJPmDehTNuPETC%2Bq5kMIeiSHi5q1QH508%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30e9ad01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zZ38dY2NqxKZb9FvWxH5yaNVOg0te6pIGcvJLig%2BgdyaZuukYwPyB5LMWdzN2MA2Nsa3edkJgv6f8pcOI7BLsumA4Pa51npxwfRTlRqUq3Rm9lcw2m6SJE7wH4Avd8Q9HM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30e9ae01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZhibyCW2t0Bb4HG1k0s%2FLaFgQzspzvnhVc0XIEFkhShPv1oq%2F8x8XvXJyr7zPTTyoin%2BrqTph%2F0ekbD39cwFTunYMMZNasf9Qza90zFkBxO6tOm%2BTVnTJuPv6Gx%2B%2B6mxN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30e9af01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mvVRUQn4rnkJ3PfvKAJBmdVprwniUFs1i%2B2W4C%2BAAClqT98xSgp%2F4Q7H6QhDBzfmLdjhW494WEnfHuq%2BRzYFS9vx7dRSuIrYUbufBhpNGz0%2B62qpN7Ia0idzXfh5zlN9C8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc30e9b401f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb0HVqT8tCGWBqL3nFjGnzcV6kYG5HXXG4em4BTZYWR0c9MzF5ptaIYM8LE0%2FA8wELY9VOge0jk5ateV0V0iSU%2B3LubGx0d6KjVEduIXYGFm%2F1l128CWQCfe3hbQLe69Gzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c001f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaKZbenMNpPP%2B64xJMcqREMrEbMbO8HT6oF4erm6I5zoxNGxOEfQl0hqhZJXSc9WT1Ah0BgDyKLUeQLK6QrsMNKKr%2FKDtFiXUO4GFeAAFIvFsD85VWFiYhkbk%2Bou8di8L30%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c101f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugcf7iorHHcZ623Dm6XkXyj0hEKmPsN10Df7GxtwbQ3HgC%2FEB6G%2FSmBmqrxZL5rkKy4loSl2l2Ku0fXoouABKVhDR0tU1QMYR1YmsvDci05s%2F1WL8RLiRIWX4iwEBNc8S4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c201f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpvLrlzOLGefO5aFGJOhklbSvCCLIMWMkJxTxpPsQyFfhCnueMWAMAFc8tQ%2BYZB%2FAhFgFt4Pu%2F7PuKNT9Qb7Pg%2FJ%2F9K%2FEDG%2BcvRDiPHzxptHdifehcQ3BR5ms8Q3YOZPrpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c301f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3yuIn9pTQuSbl7AVWrQRt3Dtl9v4ZFHv20M94tZnC0BAAPUgbeJdA1G0TqKQmuboZhH4TOElc%2BC8oImMN4OL25o21I%2Bnmi2m97%2B3%2FSehTn%2B6aM7g%2BbNCxeMdERNhzJlzsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c401f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3PuqprMoa13Ndo8EUohdAp355QrLgltHGAYt5Aw5piszcT2zKyay8BZSM7w0sxUsplS9Q74nKnWZ4Zm6SaxJWJh9gpQuZuCyUv3BR8TKA%2BqKRjbOAl3bup5R5yvFNodAH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c501f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RCmD1FIoZmsTeIqzrWtn%2FiehtVI2VgXg4sWWk73U%2Bn18zb92f3TGdMfRa5k%2FLyLWA2TAn1QA%2FOo1mX9AKpnii6tsZ8xvGO8W%2B7Dg5TzA6WZ1R2%2Bch7g9d2%2FhLih8v31Fgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109c601f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INj9cY9mMYxt2hDW9K8ZJfNwvNFNYPLXVpWqt2ceAOKHuOcsSWNZ1DaNPWhn0OZdmRI6Q2xmqBd6LLSOPhJJD%2B%2FCWkJv4yCWtCyDuKUs2HG5IR75dfyrbJ5XHfeWjS7hnBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109cb01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872689
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM6SmGyQU9sF5GKgrNIqOUPKpSSjPtkouWQKAwdJWtkiWjKa8%2BvQs8tZtjviUPG%2FLt8JDSXh791XcpbCpA4HkraAXrnWSDVYMUwr8jgyhHgCyu943kNZHpEGyVXT7hdksJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3109cd01f8-ZRH
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/ 		0
0
esp
oajs.openx.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-coalias-route
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://folkd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Oct 2023 01:48:30 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
encrypt
esp.rtbhouse.com/ 		201 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8660f6f9b6cb7b5ab96ba7f7bb5ea4f4237b2e1828229dd09e7a4242f8a49076

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 01:48:30 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
d58d602e6894b8aa2d06dbb5c907e1eb
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		235 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.103.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-103-141.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bfe404682b19590a4290403c9c3425e9808c1dcb72d950305c61325255210405

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://folkd.com
cache-control
no-cache
x-server
10.45.12.165
access-control-allow-credentials
true
content-length
235
expires
0
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1698198508606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Sun, 27 Oct 2013 01:48:30 GMT
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 		31 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1698198508606
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
6c372e198244c361274102f5a6aa022f974d799997010c486a5bc4e5ff720ac9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sun, 27 Oct 2013 01:48:31 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551340
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=1629865374868858&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198510884&lmt=1698191310&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=0&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GMKyk6S2MUgAUgIIZBIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2868826112&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
71ce6e0425f76fb0febb3f5676a53d94c623f9c1241eb3a66e4418868c7e3c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20738
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 7F28 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 01:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 23:56:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 01:48:30 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame AC03 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Wed, 25 Oct 2023 01:48:31 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Wed, 25 Oct 2023 05:48:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame AC03 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame AC03 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AC03 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC03 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:31 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 7F28 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:43:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8598
x-xss-protection
0
server
cafe
etag
10300645532664441910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:43:42 GMT
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Wed, 25 Oct 2023 01:48:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
increment
id5-sync.com/api/esp/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Wed, 25 Oct 2023 01:48:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame D53A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:31 GMT
server
Kestrel
server-processing-duration-in-ticks
282519
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
google-bidout-d.openx.net/w/1.0/ Frame BB4A
Redirect Chain
  • https://google-bidout-d.openx.net/w/1.0/pd?plm=5
  • https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
572 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
67690ee898230cf1027f288a7573dddd6d1b7826bae35af735ed8c74f398ef96

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
373
content-type
text/html
date
Wed, 25 Oct 2023 01:48:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Oct 2023 01:48:31 GMT
location
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.2
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.3
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.5
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.6
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.7
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.8
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 18:20:01 GMT
age
2532510
x-guploader-uploadid
ADPycduKcuViVjY6K-pSYJl9jR4s7BaAvYla6kXRixHeM2AYnRlqVBuiYR0sKuEs-zmmVFqnr71umRpAAPhftOlAqEHzWC1-qeTZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 18:20:01 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.9
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 18:20:01 GMT
age
2532510
x-guploader-uploadid
ADPycduKcuViVjY6K-pSYJl9jR4s7BaAvYla6kXRixHeM2AYnRlqVBuiYR0sKuEs-zmmVFqnr71umRpAAPhftOlAqEHzWC1-qeTZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 18:20:01 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.10
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551341
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/859f03e86a2ace26ad184e08d93a17f224597b3e5ece0a4e9df350eecfdb4930/folkd0612/live/index/xfalse/xfalse/run.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://folkd0612.bubbleapps.io/package/run_css/859f03e86a2ace26ad184e08d93a17f224597b3e5ece0a4e9df350eecfdb4930/folkd0612/live/index/xfalse/xfalse/run.css
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-bubble-perf
{"total":5.9,"percents":{"top":{"bubble_cpu":34.4,"block":53.1,"capacity_rl":0,"other_pause":0,"pre_fiber":10.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34,"fiber_queue":16,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":2,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":303735}}
age
3120230
x-powered-by
Express
x-bubble-capacity-used
0.005 unit-seconds used
content-length
77160
server
cloudflare
etag
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b6cc39da7e0204-ZRH
x-bubble-capacity-limit
0 ms slower
L0x-DF02iFML4hGCyMqrbS10ig.woff2
fonts.gstatic.com/s/urbanist/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqrbS10ig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 18:13:31 GMT
x-content-type-options
nosniff
age
372900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16284
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 18:13:31 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:40:09 GMT
x-content-type-options
nosniff
age
457702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:40:09 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 22:33:15 GMT
x-content-type-options
nosniff
age
443716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10540
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:48:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 22:33:15 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxLXMwXGk3aHD%2Bzsx9%2FcdocisRTsDQ1CgmP%2FUVj2bAvAIbXoUpSSdzPUVPR8ZGVp7B8%2FVwzPTqT5yCETU7HFhhLhoAVutNvcZZ4tOn66rEH5g723AQ9sdUD%2BEJ3u3aaoprE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3dfe2001f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcqMuexm%2Bi61gyzriIDCq3qGYbCBO%2BqApoTFdDzYjfKbMLidly8xQWS0LZEPYJ%2FPnXdLoWWcHlkSe5EIcE13q5oac9lbI6LmuBVRzB909cJDth5bcEJLFO%2FLtAKhfqvfLF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e1e3501f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPsWziox8bP2Ye4JwiIPVwvSc%2FylNo71FRqo%2Bym%2B8EhIetHH9WPQRO7MeOjquMDCEVUsv1hL2eyECN0dZNU8bV%2BQyQ0mr2oIil9OXuKbJ9z4mZ9ubX%2BXzfShIPjTwzhg3tI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e1e3a01f8-ZRH
Logo%20B%E1%BB%87nh%20vi%E1%BB%87n%20H%E1%BB%97%20tr%E1%BB%A3%20Sinh%20S%E1%BA%A3n%20v%C3%A0%20Nam%20h%E1%BB%8Dc%20S%C3%A0i%20G%C3%B2n.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../Logo+B%E1%BB%87nh+vi%E1%BB%87n+H%E1%BB%97+tr%E1%BB%A3+Sinh+S%E1%BA%A3n+v%C3%A0+Nam+h%E1%BB%8Dc+S%C3%A0i+G%C3%B2...
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../Logo%20B%E1%BB%87nh%20vi%E1%BB%87n%20H%E1%BB%97%20tr%E1%BB%A3%20Sinh%20S%E1%BA%A3n%20v%C...
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../Logo%20B%E1%BB%87nh%20vi%E1%BB%87n%20H%E1%BB%97%20tr%E1%BB%A3%20Sinh%20S%E1%BA%A3n%20v%C3%A0%20Nam%20h%E1%BB%8Dc%20S%C3%A0i%20G%C3%B2n.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f27.1e100.net
Software
UploadServer /
Resource Hash
9b18e28c07981dd70640199c817dfc625d0ccc220fa30d9c0378150ded81c205

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:39:51 GMT
age
522
x-guploader-uploadid
ABPtcPppn5Nq8gXCOX_oJzGz42pM2umY3iCVqRJI_5SMDRG3_dG6gHNcR6epm_a2baP5Ij_TPtYPi62Q8A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28278
last-modified
Fri, 06 Oct 2023 11:19:24 GMT
server
UploadServer
etag
"72c526f4cdbb34e360681f01aa942c3c"
x-goog-generation
1696591164043302
x-goog-hash
crc32c=GekvQA==, md5=csUm9M27NONgaB8BqpQsPA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
28278
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 25 Oct 2023 02:39:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/XrSYsWjOyOQJ_E416DJe_0EPN9g/HcFZMg../Logo%20B%E1%BB%87nh%20vi%E1%BB%87n%20H%E1%BB%97%20tr%E1%BB%A3%20Sinh%20S%E1%BA%A3n%20v%C3%A0%20Nam%20h%E1%BB%8Dc%20S%C3%A0i%20G%C3%B2n.jpg
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 01:48:32 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfXkrkTmnLgyjRsvR%2BCXb7uGnc1FW7AWhBrrjEPXT6x20MAbaXVz8lIuaUw65ceVD2cTP9WzFY30HFUp6Vr3ibRY2GcliZIu%2FYqIhZQJ0gtLSXGNM0poi1YD2LW79LXRXkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e1e3d01f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k8RZZlEe6ZTPDjvtv8IOaIKxWVz%2FSHjEH8G4fbMiRWDj9%2Fxj8hgD6BDUcYch0vr%2BQhuxSo4r7fhGGyLKV68pNShOjHadhVUrG1wR39iz3XvssJ9fstZgyQytC7VCVqsyK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e3e8201f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGHFSB%2FQf20RNLOsIM0m7h3OknWUy%2BuYjlGct7wRiklCYhG%2BbuPhQVFdSxvmqv1sPKyZC7pnJ8v59TIVL25FR4Wm8XNwS9GAlPYe9ihVzfkmLoVmQLwApIBjmwU7eN5N0EY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e3e8301f8-ZRH
logo%20Coinwatchdaily-02.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../logo+Coinwatchdaily-02.png
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../logo%20Coinwatchdaily-02.png
59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../logo%20Coinwatchdaily-02.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f27.1e100.net
Software
UploadServer /
Resource Hash
1a69509b56f1b16e1d95b8605f55dd6876c3550c16ecb0735a456c9446343032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
x-guploader-uploadid
ABPtcPoLHOWpmD5TbcIG8urZ4uHDs6f1M8nLLerSJMy5GCZKDyXEKKVOPTndUBaj6UbnhvvQzW4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60297
last-modified
Wed, 25 Oct 2023 01:30:02 GMT
server
UploadServer
etag
"709d1fdf537df7ae17cf1feebf88878b"
x-goog-generation
1698197402135070
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=TTA4LQ==, md5=cJ0f31N9964Xzx/uv4iHiw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
60297
accept-ranges
bytes
expires
Wed, 25 Oct 2023 02:48:33 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/TXS8PSKP37xch06lAj74vClkNr8/iV8bCg../logo%20Coinwatchdaily-02.png
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 01:48:32 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BSQEjCqp9B3UwV5TbUDs7Ts6AMtuLOo4c9uU0OU5w2EHigYeWZvMfU1sNBoQawaigfoqmkSWj4PCuDitoGzZzG%2BwGRflzTSmRwJa%2FPNfWjJemCfcc1UxYN1xTeqsYAbhlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e4e8801f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCuYupixw93%2FxfJvtbeV4zDHcvjCz%2BrOxghUyaKsvLlcS64rXfGQIhd0aEVeBoMNJ6Ivoeh0g2ZI4hscK6GplmpUc4LfjkUBWEY7HYYSr9x96N7JqdVAORi79Yn3Ty8%2Feng%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e5e9201f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYsbtt0GOtTgO72Gq8YyDQh9JZnHjKLoOeR7bZrlLwtf0nYM5W811xUBKK%2FGkyZNOmVvG%2Fzh10EDLA1RK7%2FhdqnNh2U06WEzfpF5ZWoQvnTXFAdg7l%2FF5wxOuBROG1JknHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e5e9401f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLZ9YqK0c2J7VjscW6IW23HR3zQl%2F67Q%2BPRGAx6LwgkndZujbIwnZRQ90zaCXuTFmapfgTcd0K6F4oDu90TJUiZjhK9tFdbVw2TF5AAVsyGmd5cCgXiMs1lWqkKJ7M3FUGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e7ea301f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKKukxerlYftb5qIXhIwTCE1xrgDhSssrvLOrf%2FifFTRnhoCEsJt2eMGem60iURGypztkkQIC%2FFjkrRTEuCSnqkiri78dgicxR9RucrAFyOX4DRjxiFOM2Qn487PgROsemY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e7ea601f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bJHjvXOpFLtI85qlgQiB3wxtMl4AbQE%2F48fWnEX4rw%2FANV17YNOIjIwUcfjeTyeKF1nVRbFjEA4xS5xrYnHXglTFIP%2BJfZfr7aSxktloRwevhEojDU6Clj6nEjXhvhFI8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e9ec201f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bJuz8qoKhkxHRBKc%2B9%2Bwtr9KZxn3xapNjS9b3j7ZfMtVq6%2F1kWC3rMQQXg2BxUh4Jj%2BRRqXsQbleLOhnuQIOYavF7N7d4ikkYROrdof79bkVvJ1b%2BrQX1NYQZk0E88HOeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e9ec401f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfbssPSStpAG4yZWG5fWfiRcincKaVeaxiCnJGZTXQaHOOEgl%2BhFfxQAzKt%2BY%2B48DqZT5Qhpdoq46mYhWD%2Fh9gcBHpbxKuYg4e8j%2B6%2BFPW6BTNHV5AgdaKFp%2F8gMVoiNk7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3e9ec501f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlV%2FoEF0X%2FCgzm1ZwjYxG6TvyNrFh70zUH0XkJdrxUiHh9q7hVsJq6M5Yf3MgFQJiEtQaIqqXRMr4JDXPdc2B9DJ1NxKwVYE9ucIGpuhVXi9KJn1bYKqfaxLqfQI9icKc3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3eaed801f8-ZRH
169193661-home-broadband.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../169193661-home-broadband.jpg
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../169193661-home-broadband.jpg
49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../169193661-home-broadband.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f27.1e100.net
Software
UploadServer /
Resource Hash
ecede7abe8f2a4c2325dac0e6ca4b6940320b0ce7e6c435643f27cf799048290

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
x-guploader-uploadid
ABPtcPoWqr35GUqPEi2MEpYoMkIR6nuIUaKfDiADGZf7MVfdH2XB4Eer1MwF7nvmI9zwErnbarI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50410
last-modified
Fri, 15 Sep 2023 02:08:26 GMT
server
UploadServer
etag
"67d408e223e49e45763e046bea885fc3"
x-goog-generation
1694743706351450
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=uoI++Q==, md5=Z9QI4iPknkV2PgRr6ohfww==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
50410
accept-ranges
bytes
expires
Wed, 25 Oct 2023 02:48:33 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/OkoCJd82LftZsMoWtxyuEtirwI8/azT9Wg../169193661-home-broadband.jpg
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 01:48:32 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kp2dYdIHtBr7vpW5nSxR8OtLa8tywZXNquDuYkdKZgHAuIxB6guekLXkQRZJoycgEIOTNe92GJLXkMgGWP6tXa9a7uJgqnsVmJ5FvfGB3OsmUNNhVWYQpX1fQi6fSlissi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3eceec01f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aphIi43EEhKtD%2B6gjiTGsXzEP0utPej%2F36Z5%2Fs0wGdRLHs1UKswW8PbOKIbOGqADl5y%2Bq3zJJkBnrpdV2NxuIFeoCPmm5XQOhkRdRDxz6ppfpdLCTvRfvgMpzqU6iAZ3Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3edef701f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OdIs10hMG6pSYpizs9MEUGyTDbRovpXRtNcn5c7%2F8EUYdp5LoDslZaC1DrAPkABODMKQk4z6dWTXBr71gJzmoPqemOoy4SgkFacIb%2FAuoEGBfvijGFQRxmg0i6ddkySjQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3edef801f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe18CRXkrq8DhbUlT6zJ9pUMW8L0mQO%2Bch7pXdU%2BHaCp5foDu7wNTAdEaifQb46OJfOwa4jytnQvWgp4bPWvjXc5W67Fieu%2Bo1YO9nPHVeFTB9Tv0KxXteUa8HBf3Oyz4ko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3eff0d01f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt5RFv2BxEKXZskLXCFE0%2FiugJtEq9ATrLsAE7xJj6Pl7v1fejSFDkEceiBe7wyspxASWLnGG%2FE8IUmE4YXmX%2FUKmTyrmgUEIxeLipZ1L%2BH2ILyLa3nYyHY5bEEI5zRmU4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f1f1d01f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfrYLXSaDgkLEt7aT8Ti4OqGOFunvm8xCIbzV5ZalUB9GMslQxLM7dbOqFeKC2UZ1Tk8OzsLL5SNN6t3hm964f5x5sZuUxG6IWJn3qEjoPXohHAqRvvV2oUyuoRjaoQrIaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f1f1e01f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kYN1iYe42a%2FmD%2Bl9pGP558TCe%2FMtoQVl%2Btnexisz5v5J%2BFaE6qheF0AhZ6D6CmpM5nsiwrs%2FIdgxG82Y8P48B7d%2BHrGsgJh0HHxq8Bumfo3WULloYwfpaNHzXdLL1NDO74%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f2f3001f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9MUJ3O6rzHS%2FgBKW2OR9CbXb1OGSSI1P8n%2BIbk7Qs2145%2BMOUFx%2BkMdNeccpxLxLgthaUC7FcB80el3qSL5FaZzRH4GNmhEr%2Bc9L6pfC5hjhkKLz5r8%2FUVqiZeV1lqXXZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f4f4b01f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqksPTi0P9lgFpQr459XcTXQY2%2FF1aP6W7un7wZZ1nzVVb%2Fv%2FspicAP%2Fqs8s8Z2qy%2BC%2FkbqcRU0JMXd1VnYdedKZrbSEnS6urtjLJoV2mnJFC%2FR57GSYQwIVzSXpu6R7nGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f4f4d01f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teH%2FqzwFmh4ZaBqio8iGiu0tjkTY2LB%2BGDZUTqQ0H%2Fmi5xjOwfFJrGhbzNBuyFo0HT%2B%2BQkakrtWVM20qjhH9EW42jMiej%2Fel3Nmk2NDqlOhFcKuUAAqdYfThEAJgQc6I12Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f6f9001f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7A2bzyj5AVtqZo426Fpph%2F3qr%2FpcG0sXCaAMupXVBuvGeUYMz8Wku1C0pPxzlQUgwPPhpqHOwa9qAtvtitL%2B2iEcEVJb3f9D9OaNlV8ZfQ2iYn8dDKzo8YiRXszQ9lyH6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f7fa801f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WU1qKPEBuOBxv6LloCCKHrX5j0KWGOhlQjatuDy0JpRkERi25LbztR0Vm4HSNzczO5EpCj2ke7uPjPF%2FcZtJ%2FCFKSr%2BcBqM%2Bz63qZiSGl5EpCncGR8i3q4c5%2FT5Fh7CycXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f7fa901f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FqNCV%2BejolrBpgTe5BRI8GF60Wt6QAn9XYfWPAEcnRr5WnUXa72cB%2Fs0IaUhqxM7MurbyyqRoxvWwP5UTMWGB%2BgXhYBI8MhISUE0wiaAgXJo%2FA8coJ0wa9cOittHaJsIeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f8fc201f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oksGy%2FnoVERU0omxADDezZ09CUTERhwaM04r%2F2H9p5pYmo0j0f5RTjEpMSdQpTXcNJ2ckBw4sy2Frx6Ynxy2w1XnZxxZLmlkx7G4aH0WSOU%2FehYsF9M0WT9A%2Bp0sczLcRsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3f8fc301f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CJaSDNz%2BsIy6d53IkTi1JsrhKMLlg0xz0m3EveEEQvRBhaBYVzCDNL%2Bp9B8JM9KBELGMV40jMJwkiSHyS%2BK7zJQX0helaECEwzGw6wHKKMf4cuD%2BjH9GoX%2BcGas0dLFb78%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3fa80701f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RM7CjlmYzQR0X%2F%2BwjXpD1oRW0US5n8cp%2BpWc7p%2BlVrvikZOqLQIrd%2BSWYWUyTZPDtflTj6SLx35VxKzepSecH%2BseIAQAb2j4bdiS6FlEkodnL6TOd3eNCUd2yfu6J%2FBL66A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3fa80801f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4vuV48CmZWXw6agoz3G%2Bwjc4bR0vRnKZS7KaN8qRwIGBy4ZWawCOwCFV7HwRlGOn3iUxCPM1Y9HR7nVNmVYh%2BqaUo5VZe3vYNvRsE7N0ueCOyLBI4JV84vuYbJ5%2FvPfcFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3fc81401f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=safrL6K7HxhgJQadu18JHwL8tAZs65Vp0V0JQ%2BEsi%2BVQl1ueo4u9ncc9IOx1Nfjm46RBHU%2Bhl3aqPFWwNhjbkjFK8gPD%2BlTajpnqzhL4RWu9ykDKZo7CT452EOotvtUWYvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3fc81601f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU3RN%2ByXFOeWh7nQUCTs1t%2BYf0M4ZgFIhUfko4YF0%2B3X6l9ABV%2Fmp08t9uWKaT8Dzkw%2Fdm63x31W4UchGIiRmFlZAdah23PY7Ry9D1huITpvgZNxpsKaeiToRXorFI3OyvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3ff83601f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdmpWbSUVAhtD8wg%2F4LiXUOCUxB3d%2FLptxFpL85rMeHwsub%2FxLRPIadp49%2Bqp2sr%2B1lj8utvMXdK1SssD%2FdL7aqk1Knin1fpvk81WlrxwqCV6E7%2FM6Ywo%2BO3lR6swyyHOKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc3ff83901f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dClXtYrRjWqYWYIEzE7I%2B%2FCGhHL3r3qMr8nIxxqtRmRQHg8fMmKmZhdyjUIBPOB%2FJJ63TLlD2kggm%2FIe%2BV93uOWIjp7330YO6dugOsVUdHs8QzgjvXXMgsLBus0G523T8mg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40184c01f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAEIw80%2Fn1UbXme6%2Bez0r9ah4K%2BVIW8m7PtoPR3IstY4yE4N5pelAh0nHlYPFG0oKajPA7b6UwBtangpdeIc3Fd6y%2BtQfP771qQUzwa9MphB7aW3fRBM56cz%2B5FoZ1jSwMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40286201f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Q%2FXBGj8o87oVsmFZ13mizkCKxmw3GXUCkRfkiiJM4ZR2xy2PPAASn2G3O2lQNvaFj4Sr%2BQXfsrOTllqRtMHCJIcOHdGWt%2BzaCGWqkMWrUmZ%2BTicrgnAEBRykd%2Fxlxhb1iM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40286301f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTNCZgeCZVN4R64yZwd8iAnc3cAJpBn5oJypQm3CYsiA6uNzHcYPv102aF9NSAef8wb%2FoWxZLDydwAMRoLbhQHH8XgjFkbeTTLoraA9Z%2FnU%2FfHaGt5hW94wbbTO4EJ2nKOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40286401f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKw3gZYWz4GDjrXBXP20a8rRwN06%2BXZQ1diHoWhrS4LZjA85lfy7OiwbuxYjfijcY4JkrGJZLMTO0ILmEoSZOW38N11fEOatMsBuwIn0yM7rDOSMZz5eGjdQsXYhikc01Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc4078a301f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqIMOYkIOv3xddsGUZF0%2F3cSKmWSM1Dsuw5jOLi8nDK09S2sgDXiulb%2FAeSJErFMClsuj8uyTtjRLNTiKhlhcx8jmtnnXlsNlKAdV7UrdRrQHynouB%2Frv1IRIqn37wd02ms%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc4078a701f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yo9GSJSKz2T0nufLlU4UTn5eGHDUN9YqqD%2BeQTwK%2Fa0Db5%2BWsSRSesHNFZ%2BZPWiWbE5vrq7YhYmEGwOM9Hdh9w5F72AvYzhXQbfl3KISGdCRisLP7edC%2FWuj%2FFLBdP5E%2FXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc4078a801f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEmrw%2FDlF00cUp5QFBKNq%2Fq3vrQIXzOHhZvqmTYJO601zJ4Q2X54RbWGZGKdFozThLekNMTXOANDyQxTfQJB8OfaTbxwPzizIcOqTZEQiNLmKZKHvFl%2BwsyIJiMB%2F7zQVE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40b8dd01f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l001LirlUJnVm8TzP1x6I4CgZ315sa%2B1kQMOiq16rIVyNm1WsYf1lYVuJwDduSE6KmiyGc5FmukVvmC43GEzK%2BZbOkmTIRwlXbBqetB%2FGtIjp5WMLqXOASqjn34Jn%2BwG%2Fnw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40b8de01f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5gcoN0EQW5j3qGgAPkXPcFK5Kc0KV08IAfW2RVQW0SOhyX4h%2Fn7DsfXnW%2Fg6stC1q4cxrz7dA7jIWBlH1Rxqlm8NkcShZ3UxiOUry3lT9aY3JdRn0ZClyEvZLZd56OoV%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40b8df01f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kwh%2Bre7elwBAkcopzakUaXMZ6rPEyxL81c8uKWbIdA6fcV8M4%2FHNA%2BT6KwqG6cyUoJIAh%2Biw6xQ1MRi9IIAu0UpB4YAj30D4FmhydVXcnIhkmzN6o7zSxXMgo2kxx4pYMzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc40e8f801f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOUej3ESHrhl6BQMcE3hL4lP8feN59GWMJWnEU6s5stn%2Bve2cdapDXbMl8UCuoompz8lCzKZtGCArCSkkhYWvnN6SAH%2BBvBzKvJaB1BeWtQiRtjAUQePMTTnZQyPgqJ6eXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41090f01f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYcIXIgoaZ%2BP%2BoBeQWyaEPJfqQfWH0UQu9aJSiL2KCXu8kuOo3ZrWTRtorTquYGWnm1iz42vjD2co7u1uIqLuqcn4EXtUpoHfjISJaskxT%2BdYdcDZb4kTtM8YT7%2BFen3jlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41394a01f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cek9K9%2B6kF3%2FeFG6s0lyhbQQvdV9n9tXxrpbzU9z3eSrUtMccZB0ZJRPLK85V5La3HOAj5BhhsG9v9wfr4QPrp7rOtDaCSXOnxAvM8ti8KEEJJgMY07FSAQEoNhSN%2Bpy6nI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41a9d201f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZuY6fGlixRnvjJADHbwB%2BpO6YK%2Fz8buQm8%2Fb8g7Xv7Q3t9VjRlTkguZ9FI0WuEDj5p4N4tNK22%2FTczFQ2Hpzs58cgVwlJaor2bD84KqXzijU%2FvBf99R46U%2FlHKZlcwuhd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41c9e901f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbUEcFvMJDnkX1iCUDyPljIHat%2BKdEoO80X%2FDI%2BORVqZ6sYnFapQdIwDcOd9vUVPgVevsgqjh7vDqkns3ixqMXKCsA2cxdiO%2FrK80IC7CNzFumA%2B8UX6XRxjL9mVPAsUWSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41c9ea01f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxtMQE0e4Jml%2FYFpLSaYxXypvsoOMDgOn%2FHUSvPihIqTpnrtNUYwdUSzcZnaKdXXKP3qLfyCUvGjwV7ZaqdwWlQXqclFJKkr%2FdxQR4g9pk079ckv0fCMFNmy1yuylk0uPQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41ea0301f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eE5koqGgyqaLpaf8Aq2dDOHG2PRxYcyCUGgtIKN93f2KCIlBaLyuPyc4x8Z1HU4BG3p%2F1SX7s6WQR0unsEufIxETPYHCCa1Bhnr3b7RyB1ZOKhsbi%2FhYCy8AyeNoSkPwFgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41ea0401f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEn5d9ebazf%2F3m8McwHO8IJhopOIA1G8Ze1gAcLISfuvpXBB24P%2FOBMZJBdr5ut8aDgMyB%2FfFqWOjA94vpZ0tB3Wsh8S3YNj7tQDMiYrjgVhKB6wPTlB%2FLB%2BgQpqsNLj5uI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc41ea0601f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9417
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtqOrdBSLm5Fh7jCcS6VjxARk36Wprke3lhZO0KoXu6CT459zsopzRY%2B8iNDEZ5yY1JyAKgDl0qaFvP6T1O%2BJP5e5SU8j%2Fv0wSfZnMPjI0SQPYC2pGndG7%2FOQkkUvhGkBHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc421a4101f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607453
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPM6uA%2FW5DhjPGCFonXVRuAxOhcSD5XnhACGt2H0lSurl%2BTN9Aa4GeD7XwtGyTyA5vLlqX84mr4blM3SKKTbsI6MEKVStV0RKR5%2BSbfyAK9a61FbLvx%2B%2FpcVbhhYPLcD3Ms%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc421a4201f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120231
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZXKj3JbML3BkUrdgo7mSAdfIPeJfpmwPVo7kr%2BEwJROkiBKUgQNuWoJR9KsdFqk6bNutQJ8xG9%2FnK10ml0W7qyiXXYoY48EmgTIoeW5ewcX5aPI%2FeS%2FY4tK1NX%2FAw82iLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc421a4401f8-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9418
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDxyO3sPVR5F%2F3ZvjUfWc2gse%2B03EH%2FO0xq2gb8Pnt8zWFA3xuFHFf5aFk%2F4ozyeQCwYjUzdmgaRMH%2BgP1zmgL7uq1gvPnYTjCE9Yu8lpqmLDQvYir%2Fe5Kx%2BFk1MPHcDp6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc423a5c01f8-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607454
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkR9Vz%2Bc7EcpH35kF%2FMvXaEY4Ifx20GdGoKZxhF8XL7DrRSDCdkdhGenmgVwvJ%2FrrTdgtHSCutjz1GjLJ8pQLT69M9dles92Y2kkFg%2B%2BZEdmJ9OjgscedNMgFrjNwQFyVjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc423a6601f8-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3120232
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2GvmLiWL8sW5xVrAhUv4E9tu8BBooEX5PImfaJCEVWbCzHtKgU9DspT5yMokIkIvHNLTWy6yu1aHeCGXmUTuNJuoiAJtvE8kW2LeEtlHzeoZvHmDF4gboRYdETfUoPmi5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc425a7201f8-ZRH
vo-sinh-nguyen-phat-o-namva-nu.jpg
benhvienhiemmuonsaigon.vn/wp-content/uploads/2023/07/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benhvienhiemmuonsaigon.vn/wp-content/uploads/2023/07/vo-sinh-nguyen-phat-o-namva-nu.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.124.95.152 Hanoi, Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
ttr01.nhanhoa.com
Software
LiteSpeed /
Resource Hash
c7fe80017eff9e90d25d48f5badf9efabf3c8fd6a7b0477a30ae77ee26f899a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
last-modified
Thu, 27 Jul 2023 01:39:05 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
99735
expires
Wed, 01 Nov 2023 01:48:32 GMT
coinwatchdaily-bitcoin-price-prediction-2024-thumbnail.jpg
coinwatchdaily.com/wp-content/uploads/2023/10/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coinwatchdaily.com/wp-content/uploads/2023/10/coinwatchdaily-bitcoin-price-prediction-2024-thumbnail.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.204.221.13 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
13.221.204.92.host.secureserver.net
Software
Apache /
Resource Hash
eb511f33a1caac5eb368c11e52216e48e19b6f940fc161dc76fb99a59abfe21d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
last-modified
Tue, 24 Oct 2023 06:23:02 GMT
x-wpo-webp
Redirected directly to existing webp
server
Apache
vary
Accept,Accept-Encoding
content-type
image/webp
cache-control
max-age=10368000
accept-ranges
bytes
content-length
48430
expires
Thu, 22 Feb 2024 01:48:33 GMT
kozi-logo.png
cdn.shopify.com/s/files/1/0729/9212/9315/files/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0729/9212/9315/files/kozi-logo.png?height=628&pad_color=fff&v=1678082456&width=1200
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
55c7369b4ef6b898387f4147324f61b74e0fa810710a92867c7476eae0fb5ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
source-type
image/png
server-timing
imagery;dur=252.426, imageryFetch;dur=113.660, imageryProcess;dur=138.036;desc="image", cfRequestDuration;dur=135.999918
source-length
20123
content-length
11200
x-xss-protection
1; mode=block
x-request-id
5ae95836-639f-4683-aca3-809d3e175e7d
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 01:22:28 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QI7lia2rj1GliRscM3UdzG4t3KccGbuuOCdXem1aV68hHXTBxxvVsw0vW%2B%2FEfvcSrD2PaAA7aVXLADS26X5KwjOODC54R57NJ19xzCna%2Fl5okZ0v6VN1RGHv676bXzH69w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0729/9212/9315/files/kozi-logo.png>; rel="canonical"
cf-ray
81b6cc432d9f0211-ZRH
favicon.png
arafuru.com/wp-content/uploads/2018/06/ 		349 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arafuru.com/wp-content/uploads/2018/06/favicon.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.191.154 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.154-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
90dbc6e10b603305f9f190f42ea0a28a70a772ecaf312810eacb503b71bcc715

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:34 GMT
last-modified
Mon, 02 Nov 2020 19:34:36 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
349
expires
Wed, 01 Nov 2023 01:48:34 GMT
WhatsApp-Image-2023-10-24-at-3.59.19-PM-1.jpeg
www.jeebr.net/wp-content/uploads/2023/10/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.jeebr.net/wp-content/uploads/2023/10/WhatsApp-Image-2023-10-24-at-3.59.19-PM-1.jpeg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.205.230.81 Lisbon, Portugal, ASN203020 (HOSTROYALE, IN),
Reverse DNS
Software
Apache /
Resource Hash
2efa8cfc2ff0ceeccc2b3e613651fb892e1d1a4dc4e1d0b60d05cafbb4df384e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 01:48:33 GMT
Last-Modified
Wed, 25 Oct 2023 01:15:30 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
49519
Expires
Thu, 24 Oct 2024 01:48:33 GMT
favicon.jpg
www.telljane.co.uk/wp-content/uploads/2017/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telljane.co.uk/wp-content/uploads/2017/12/favicon.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.83.179 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
179.83.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6df4a58cc87985ad457246b8a064cf1797f98ef33ff0aaab82e67c8f7c4ee90b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
last-modified
Tue, 16 Jan 2018 05:26:27 GMT
server
nginx
etag
"5a5d8d03-53f"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1343
expires
Thu, 24 Oct 2024 01:48:33 GMT
apple-touch-icon.png
www.transdairy.net/wp-content/themes/gorgo/assets/images/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.transdairy.net/wp-content/themes/gorgo/assets/images/icons/apple-touch-icon.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.252.152.44 , Italy, ASN60087 (ASSUPERNOVA, IT),
Reverse DNS
hostingssd40-44.netsons.net
Software
/
Resource Hash
38097452bf5459379f94e4db1380d440416f6a1a41aa99c59455943b851ff892

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
last-modified
Mon, 24 Oct 2022 20:45:28 GMT
vary
User-Agent,User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2519
expires
Wed, 01 Nov 2023 01:48:32 GMT
cac-buoc-xet-nghiem-vo-sinh-nu-gioi.jpg
benhvienhiemmuonsaigon.vn/wp-content/uploads/2023/07/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://benhvienhiemmuonsaigon.vn/wp-content/uploads/2023/07/cac-buoc-xet-nghiem-vo-sinh-nu-gioi.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.124.95.152 Hanoi, Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
ttr01.nhanhoa.com
Software
LiteSpeed /
Resource Hash
afc7ace230b69ce2d0c60f8d2fe4549578d4dfe00014a29f409090f1945d5ae2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:32 GMT
last-modified
Wed, 26 Jul 2023 01:42:05 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
91407
expires
Wed, 01 Nov 2023 01:48:32 GMT
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=509yKvag0RaSe4GLMCX0ESl5lXFL7IcDZUCWnSVffr3QtDUmbtyR5uDerCCXoczUolDq8DV0W%2BSJnMuZtKGp%2B5pU8%2FMeDEVphcxkI8WUCPketm2g2Pc6nUHAyDI6oH9yuDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc427a8401f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iyBeKG6dQr4UMtCwwS%2FvNYG5ZYZsfnNmKo3VFaRtJVqT3DqiIRNbJds9rhHtd1w3RyINpA9Hw26tNWSsZY%2FDg75zBvCnQnqHd1f6m6KCCfKuGdUu2UMhY%2FmDmlm%2BBVdzcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc429a8e01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KUhtHjz03prGxtXDrO81v3Ryse4cuWDi012CVNp8CZvd5BHMd%2F34HlONd8kqXqkXzYUofGzeJWC%2BCXHlfE%2Bi6YlwrBRoOw2%2FEAIBOPSp4gQvhAiyBrKSFYbP4W%2Fnw4Bk88%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc429a8f01f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2xSdupr%2BKO0wjIfU1T0BTtEN9IPMkO8X9BzE%2F3lHNlul5yE07rRnPVh8T2gMN8fwrQZLHbACj30j0gOV8jnEHy57R3azVAoSVQXs0clghUl2WcOkZeKZQY7amfIuywh6KU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc429a9001f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PDPnLN%2BJcImED6u8wJFSa58V24%2BaBBInloJgz0TC41cPpB3cuWK3Jx8p0MQaERrFqPi7RTkCYeO94Egcl5o6VaxiWcfbe548yD%2BxHN%2Frn6KRJD%2F4XgOC%2FiXrIiJXHhk7yI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42baa001f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di%2FscqSmZ9RuVlnfqgkKgsVN0BgsRsmG8XIGxx%2B805HS7PfJ8%2FuRd2TfrixndLv9TxW6bf%2FVfJZYYuCoY6MeDF9xTo4eIXQ5jf4JWwaz6%2BfxbG4rWokknZPccJ%2BxrOr0tFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42baa301f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2R%2FPd9hX3KM%2Fyn4Gzj07OAdLbm%2B6fs8mSh1Z7YeBdnqt6qPnT1WZX%2BsGKF8yHCAaT58uOcyA6T733XRRFoHPEcCd3FwaTs1wiMFm%2Beqb3aELIEOq4KYrRLH620vk1y1pwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42baa401f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l2Qmhc5U59nXSFFS7%2FYni%2B48GNHYtSorrGONkcE83k%2FwBFnJgbuWusM2bpNXyQLR5d2n9wGdx7tD2b06tP8T4nl7T%2FFVbOijZUv0vjpaqcm27uNPgVcT4KipIGiEnyILiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42baa501f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppAs40iJGQqvZ%2B1TD8yhjDq7CSZE98YpbxSCGK9q7BQ8Aj7yGaK4PtoxnnKiYVP9wEuXflpANfruihjV%2Byl0BFGop3M%2FHS3H5NbaMZeY830UykuRC4Nzn4bUq%2FwsToVFvow%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42baa601f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHzTr5E5zA%2Bin9ZUNedHKBso9qsRRTt4GKAdMVN6x7bDu5Z4pq3g0zldSkbFoZcYJaJi%2F4z9zl8MJWpFxkGvIPT27my5wPCJ5KyvJXWcAfFioVOecV4TFfT0MMc3HYf6Yrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42baa701f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jKbT5Cy9S4xnzKumWOykczbXW8cd0y%2FIWByOZmFXFU0%2B30M0bOt1b6%2BukrMcqrQDDpOFjClwVFMuHrkZ7UslBb%2FQNLOhluAxNqCnE6BDprjZfO1nEzW8JuQtfoCnN464cQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42cac101f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7hJ4Sy1iZ7eixJmrmaVVJ9TyleJNqHeVteX3Nydmg9v5AxbZp7ZyRJsJT8NBZQri4S8OAbj5uliNh8guZNPwVWEN9Et%2FdyimjdtlKaNdmCDkJ5AUcjY9dEMSkTcowk%2BI5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42cac201f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCmF4l%2FPeLHCMTjmgNmZiM5swF4YrKHTK8Ud7TMwpw3F%2BQUHLBSw6XBEs%2FHD4whuJc8TPwhjHSf4iwzpG2fTRahRCHaGVm6LoC8esttv9gRWIuqM7ryLarA3JBxJeM%2FIGvk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42cac301f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bb6LFwwEBRCyd6QpwKJZ%2BAMWTi5WXa6lBe5GOAFqKvlNCYNVsXkaY8ND9cwnIAiDCceP99M1a0hNEFE1eDIqVhGZrrQ6j5QDgRHuNgiTGGBCN3%2BawcVCxsUBSnoty8VyfHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42cac501f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5wy%2B8XKrvYkNtq5rBYU78A4T4onlxiQApU4MjQJk8DOxJtALBMeC8EWLkYnRdPoHg4K98vdxOlKyE1oMKZ534dc74e2jNcjqJ6J6E9Vv4XWA%2BENHsJS9%2FSqEnQluuqckQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42cac701f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLnTi0RPu73N637phiEpbB5sP2l%2FZSeoO5iIcJcjz%2FGFSfxKqhf6fmpU8wMzvQw2AwMyO4D9Ik2zEu1F4z5n75smSA4icIqR21MLECxc6sgdnlK2ujOiJqn45HUwbdHq%2BVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42eae201f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAwYVnma4bB4OgZLmOqlRXutFd9apCoMrdLpnuOa4hGGTY1HWfYq4VGQIs52OF2%2BkI2alqmhMvh72xOl85ucn4NNdI8Tjp8KRtOi%2FrV5OVqoYxakHV%2BUAfufI%2FlcLWVeKg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42eae301f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pw%2FIY0VSaddsA9UWA0TVQo%2BWM5CeZyVvzeiJAbD4FCISe%2BtRPO%2FYGAjjARy%2BwwSmOYNqzigZs46RhNAiXPtjrMbgAD7KIK3Woy7LsTT2K9H%2B5u%2Fr8eQi3FVCHfFc5CtqhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42eae501f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjP49qD%2BuG0UgUUEFWe6360bcmQPz4KOaqaMMT466f3CMupdcQrvzclsT1IfgXT3mhr6W14PF7MOGSTO9qv%2FhMEsMg5aIJ1LdO1EgYTksmpntjcAqJKxV9rCzjvB3qszv6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42eae601f8-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872692
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER1tutQefgkfyXLf0wGLZOTur8XIAN8qp99qKltswgA3YpxR5RQP7paNd3b1uqZMZYW7hcI9VA1dudOKsdqWwvNacRw1h8URV6%2B97u%2FF78VgxZiati6w4xFQDN1RiYIjIJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc42eae701f8-ZRH
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=3274874120407530&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513110&lmt=1698191313&adxs=386&adys=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1119672062&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
204f6c36a5324e12364e7dafd2f83c8b69e965fae6abb0bb7ce762ba3b272ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22900
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=123108234597463&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513113&lmt=1698191313&adxs=386&adys=2275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1187129888&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1e0f15760bf8ebc0da73169538143d01cf3387284caa546a17643d94d2a9ad91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22536
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=1655885480070236&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513120&lmt=1698191313&adxs=386&adys=3140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2270031221&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
378fba0d0f074b8b519180a1968a7ba8d64cd337fc401c9e0e2664779f39e5ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22826
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=3969476646650961&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513123&lmt=1698191313&adxs=386&adys=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=954629165&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1c7d4575ee993d34beb5fda5181df3fcdb8530f3c18690026ec7440d68bf039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22752
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=879441264820717&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513126&lmt=1698191313&adxs=386&adys=4910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2033950184&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a12bac90dbe527d63e36172160211c2160f368d52fd40c4128b04212f18dd60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22352
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=3302524200360985&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513129&lmt=1698191313&adxs=386&adys=5795&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3193284740&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6ceaccfb40a9865c2a2ff446a88a997d661399ec4ed77c3db9e373949b956854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22308
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=1615978080427416&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513134&lmt=1698191313&adxs=386&adys=6638&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3005325176&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5788725a96f977266c27037a0e3562a0a2f94a33b0d2986b086cd70b811bfcd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22465
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=3943659971569196&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513140&lmt=1698191313&adxs=386&adys=7062&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1439766688&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
29d242f1425b4b19b47dca4d80bb0aa3556d98f4650680329bb5e3fac4bbcb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22381
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=1757643129558494&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513145&lmt=1698191313&adxs=386&adys=7947&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2398841691&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2496005d1b2e22357da40b67d30c56dea5dff19ce85fcf0cd247202ac4ecc67c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22610
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142832083690203&correlator=2490464090260401&eid=31078703%2C31078932%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c25cfe2cfb1705a%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ&gpic=UID%3D00000ca1dd1eeda5%3AT%3D1698198509%3ART%3D1698198509%3AS%3DALNI_MactXszduYmmAypNDozhxTysadpMw&abxe=1&dt=1698198513228&lmt=1698191313&adxs=1140&adys=459&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&ga_vid=153657198.1698198509&ga_sid=1698198510&ga_hid=1371445820&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYw7KTpLYxSABSAghkEjsKCnB1YmNpZC5vcmcSJGM2NTlmNWQ4LTljZTItNGMxYi05YzU3LTliZTBjNjZjN2RmYRjQs5OktjFIABIdCg5lc3AuY3JpdGVvLmNvbRjDspOktjFIAFICCGQSFwoIcnRiaG91c2UYw7KTpLYxSABSAghkEhQKBW9wZW54GIa7k6S2MUgAUgIIbxIZCgp1aWRhcGkuY29tGMOyk6S2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YwrKTpLYxSABSAghk&dlt=1698198506158&idt=1847&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D1_SG_chrome%26browser_hour_refresh%3Dchrome_1_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3203255897&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c86cde7425d6bc09ffe4d91251e93eabf61242c2e844ff629aa808b9f3b74a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20756
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 79E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=p.f.i&u=JYM01M&d=%7B%22b%22%3A%22chrome%22%2C%22c%22%3A%22CH%22%2C%22r%22%3A%22SG%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551343
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
sd
eu-u.openx.net/w/1.0/ Frame BB4A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8508965629740719938
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8508965629740719938
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8508965629740719938
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame BB4A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fa062ab8-a65d-864f-9a81-b2a48d6df7d3
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fa062ab8-a65d-864f-9a81-b2a48d6df7d3&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fa062ab8-a65d-864f-9a81-b2a48d6df7d3&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JKRHV4BYN7T75J76VFZY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S65T42YA1M6NBENBVFH1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fa062ab8-a65d-864f-9a81-b2a48d6df7d3&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame BB4A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a2d056c5-baf7-3db5-5a8f-3033e55e3c33&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame BB4A 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGViZjg1MGYtNzM4MC02MzExLTRmNmYtNmE4YTJmYmNmMjUz
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BB4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH0gbkwdJqDo6Vusr5daRi0&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH0gbkwdJqDo6Vusr5daRi0&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH0gbkwdJqDo6Vusr5daRi0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Wed, 25 Oct 2023 01:48:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame AC03 		482 B
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 05:48:33 GMT
date
Wed, 25 Oct 2023 01:48:33 GMT
last-modified
Tue, 22 Aug 2023 10:30:49 GMT
server
AkamaiNetStorage
etag
"9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
482
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame AC03 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 01:48:33 GMT
date
Wed, 25 Oct 2023 01:48:33 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/GOSRFR4ER5B5MRBVZ32AJZCW7VEWNYYJWUBAVYFGQCFWSRHLCBITVIH5ON66D74NZPBYY3AVAB5NXZOW5V6SRW766SYALXSIGNDFWYGWDOSL3ZFR6HJY6E3D6ALKW545YINOD5EJWVS46BAIX56NNXVTSZ6HOV... Frame AC03 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/GOSRFR4ER5B5MRBVZ32AJZCW7VEWNYYJWUBAVYFGQCFWSRHLCBITVIH5ON66D74NZPBYY3AVAB5NXZOW5V6SRW766SYALXSIGNDFWYGWDOSL3ZFR6HJY6E3D6ALKW545YINOD5EJWVS46BAIX56NNXVTSZ6HOVWAHYFITV2JKNEDKHOZPCR3MSCCFZSFSADCDBHISKZUSWUCYB4443UUHYSG4NXVVKXIH4BDTRLBZZWGFSO3VLDTKGK5EPPHOQNBUCWI2B7HT7X5VXC6QBQTYKFFGDFMC3MZE3LA4PTXFTXZWJBWODSIJ7NPDPHGBAMCFY3OPXWGSFQNJHBNUYIHYDUTZLITJ37UV37UXKA/?
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.224 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 01:48:33 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
json
gum.criteo.com/sid/ Frame D53A 		436 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
63d1137a8a5b1862bee35e1318311de2cbdbc04b0a35b4a9ff08b94b1a8e11ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1316281
expires
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B73 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AFA4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ECD5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BA1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 79E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXo9l7nM4Za--OZSi-gal-ZKQDYf0kpBc6Oum6fUEwI23ARABIABg9YWAgOAEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBOABT9ABy-4UAxUr4hoXiRB8XwXRXa7dhB9ub-SgGlrhoxiph7cnM1tGdEb2Z5kYpqbSJbYfCH9FgiN9tcnsLgLARg9YnQALnpTstqF7v7OTDxdK5kBPzY1f0IiMEzqFHdT69UgMQwevssf3x91bjCFJ_SR3kod48ANqZzdJJ-8feZ4Ec7IoApUwqJnTO6fZl_w_YETodnYQrcMKCe0LXytf4ONMQ71GFpIOfu31BvAU9mwpl31MlhZ2tapm21aTvfMLfQ8AU11Rjwi5fssQxQTncOwocruuEHEObQHsp8wfBYzgBAGABsnXhOzgxtqrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=3Mzt7R7y7Lo&uach_m=[UACH]&cid=CAQSOwDICaaN21-5MQm4nhl8VzcV5Zr-Z66zHAl8mGE4wi3YTnIc-g0isPQW7gaWfVGus04xfIKPkT4L4dbBGAE&tpd=AGWhJmuXYPIbDr-1Agr-QS2eXsDGPqXjhy0h2BkXwfwUFHTEkz4p3-LK1et_HxFjY0fiDZLwuq9AO9ieAGq6IYzsh4HeXqimdAFNXglOXZHq5hHtME6iP8B9DIvew0RRvzTjqqJu_DUq4XkHprFTxMv4zy4eFCqD8sjJY4KSR-IjKDwXb3FIHM5ynKCumPsEQ2sIR6jNqCozV4Qm5cxb6oPbqfmvCil8Hfk5cCt9VAw5y94jxG8xEQ8B4uWjN2IEMgNfg8dLAHipBQ8EIms8j-z9bsgzVWd-PhqbUxkUpYTczkIV3z2tCVzE4FgDcKBQbv6y0HrDvT9vwxhZrDAbQSbCe5j22ISOQ8d5GSMAmsoeMY63eiYExiIvX2CGRCZBHMi4k7B5P5A5lNn49aVVncfLeJK7h25b5gZ-rm_mHGHfW7McmJUS5Q8c4vd_DapcwDLBQc-pzH0M0Jy7bAmbQU9bxSP4yq9clwpr3fmob3XX6erqeVi_fsRg84AHYrmrxtK6EuDKaIuir9MUmFeDWU97Yws6WD1kcAxNF9UKyT2MwVRcmrbDooxfCJWSD3nq_ASVb9BsqMz_Ha2oEMnSnkiI4RJjeQZC_2breCN3H6DX46YuSjvI-7yYWtGIb8f_N04CbeXXEAHoeX790V5kV_R9-ODTgfREoccpeNNHXYSILins91k31MZPARGoMPuTLSDWWPiLZ7U1xElgqVGth2khqjGoMBBqDnauuS5zPxBH17j_qzpJIqMZQMyALl816DhEEt4gT0N1y7yVM2TZWn0Mdft3SwB0WGDz2wkZH2mLM3u6wexc5OkRs10A
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ym.0.js
static.yieldmo.com/ Frame 79E1 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9xkbs4kRdqrAOxgSC7brR1XneW_ux7FJ
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 22:01:17 GMT
x-amz-cf-pop
FRA60-P5
age
14220
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
gDJB2rlSMyzs-706bD8O5icIEy7pSTNQ26BFMVnHdIRxh8_sQRFL3w==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 79E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 88EE 		1 KB
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 79E1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 79E1 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854045410039673&pvt=1698198511013&plid=2521236318193655889&imp=9020999600708608140&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFKqkRSzZL--uu7Ik7TBKU6aYR1ihBGETBEDXScq1Hs6CKnbtSES5QdNP-K6j1Xr8Og5kd99TgnkcOWnHVyXEOXKKWvcXvl-Adh3-UKyN6pEu34u8sLn5NnnxgaIh_pMCuSr37Lvwu1HkgwmXDCGNGP_Aj6iPzQQBwKSDkem8AkNaq3J7n2m8owSvgONuDQhbxZ56piU5qxfxsu3uoLRoa4O5_4JVI1MYTBJJQN5k1QjQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame 79E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQy4_tXsPR-3IyQbr6POyXeLxBDLik-cZFAxZjmfi22SOcxMS9-HI6cAkEQIFc-hCl_nz91wJsHg58FgfDyuQVWSdW-aw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 79E1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 79E1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:34 GMT
pixel
protected-by.clarium.io/ Frame 79E1 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89qck&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi1hZCJ9fQ%3D%3D&cb=4748234&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:34 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DF2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B86F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B30E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2196 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB6B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:30 GMT
expires
Thu, 24 Oct 2024 01:48:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ym.1.js
static.yieldmo.com/ Frame 1B73 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 06:09:09 GMT
x-amz-version-id
8SKoplQBDf0hvGGgw9uOGFrH643xrYFF
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
70765
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
BOmDiOT_M_pKmBhEa2IDOsk1XV6bb227xkHS_xY5OPEMTVcShHkBoA==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1B73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 46D0 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1B73 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 1B73 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064317961638&pvt=1698198513267&plid=2521236318193655889&imp=8491056163408216296&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFKqkRSzZL--uu7Ik7TBKU6aYR1ihBGETBEDXScq1Hs6CKnbtSES5QdNP-K6j1Xr8Og5kd99TgnkcOWnHVyXEOXKKWvcXvl-Adh3-UKyN6pEu34u8sLn5NnnxgaIh_pMCuSr37Lvwu1HkgwmXDCGNGP_Aj6iPzQQBwKSDkem8AkNaq3J7n2m8owSvgONuDQhbxZ56piU5qxfxsu3uoLRoa4O5_4JVI1MYTBJJQN5k1QjQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame 1B73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGM7bAL1tVRxi7_bMwVnOm6LVRk_ia7DhiWQbaAj2qJYcqSlNPZEVy-XMLOXiRr0VoUTvRTZiB8q-t55N4C3OUshbQwQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1B73 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B73 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:34 GMT
pixel
protected-by.clarium.io/ Frame 1B73 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89r39&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi43LWFkIn19&cb=5101145&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:34 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.1.js
static.yieldmo.com/ Frame AFA4 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 06:09:09 GMT
x-amz-version-id
8SKoplQBDf0hvGGgw9uOGFrH643xrYFF
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
70765
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
YgF5lZ9kkZf3mRnNCJ3jBzH9XyfnnEAaHrfHQXAQ5OAOYQoFMtR4Lw==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame AFA4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EDAB 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame AFA4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFA4 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064309599779&pvt=1698198513266&plid=2521236318193655889&imp=2421604430217905987&rep_meta=DpuWrUB5uqNskCOgZkDMrDkh0Cu_rPhFEcWkhA0R0X2wB2y03_7mwwvTbuCuKkJ4moUOUWetiIXvwjfjcxcsA0ig31XlUfm5C6bMXY9_pDTK8u_chLAay3CTQce4L9Okwu0UN0gxh_sND7PpQcw8moIRNusGQ8I1uc031oAjxzAf1ta0kr67WHFXB7s9e640jSqa7Pmq1Zz2de7HGFsUcx6oqPU2wvLR1sbk_KvqgmVFmWdvz2WgF2xfFH8bPfjQOGnZXQSTzH_MxOos_OUBGJ7QW_vPhBnAh_G37VLhrQgC6Twwdj9A28tEsWSy0J4kr__7v0RsRhoyBgrzGVQPM58TQIeIUlYY0g5IIjQTJcgwisWGQmZxEJvmWLUzZQd7KM6vjnEw1KNtj8Sdmp9dOCvpqrKmiLrqfsO74MHQRqA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame AFA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXZ73udgCwthCwnefLhl6ArQ5V49wJw3eCMjKOBKPFr8_Cx9v27EqKXs_Yt9grtrpPW0zy1pOnpzw_-JApIhFZqnGI7g
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AFA4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AFA4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:34 GMT
pixel
protected-by.clarium.io/ Frame AFA4 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89r6o&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4zLWFkIn19&cb=327853&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:34 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame ECD5 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9xkbs4kRdqrAOxgSC7brR1XneW_ux7FJ
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 22:01:17 GMT
x-amz-cf-pop
FRA60-P5
age
14221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
n6XWLtgAUlNDj5XLvOxnJsh-VAnJe4epVnB4fPoymIeMdtVmARed7A==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame ECD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CEBC 		1 KB
681 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame ECD5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame ECD5 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064334738859&pvt=1698198513269&plid=2521236318193655889&imp=8620885078136118730&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFJ16pTpAZmOmnyoDAike5KHmoKQjP2O9SgRArIqrAka67XTEweHtaxaAbJr8qNCpShDQ4pBG3pTdY4SlDmlqWQiT5VkEnjacVXpL0fd12d8hCxtAEAWjRjj1qfqvvQ4Z_Ryblxu9ms3-SdvwY02DJi4dWs-Sd54JwHAazG2rnzHJpILfq1pZest1okwFXZbCls8qNu2qY0325nPkU7Y46MYBan4L7b5UZxXhIpQJ7In4
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ECD5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECD5 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame ECD5 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89ra1&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi42LWFkIn19&cb=6294514&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.1.js
static.yieldmo.com/ Frame 4BA1 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 06:09:09 GMT
x-amz-version-id
8SKoplQBDf0hvGGgw9uOGFrH643xrYFF
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
70766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
0TWNksqNDq2K9X1DbPsyWJfcGQO3jLFuKLdo1-55ci7XUEHG5ohrbQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 4BA1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B66 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 4BA1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 4BA1 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064443794120&pvt=1698198513282&plid=2521236318193655889&imp=3723038705133902904&rep_meta=emS-yqXPe3EZzINtYqSE5_n_vxmYSaS1uZWWgVAd-ATLdLZO5454Vv7hIQ8khMSakFbPqZtT1ZVvuVmrrUS8PgpDZ0B4CsQXab6B9JuP9dDJ8OuJUNHi9jVr9vo3K8wqohUjdsHnjZUQ4Pl61QW59yeliqW2zLxk0knt67mbGNuNOmIXTBNPMFZar7k1H5Bti-Ek43htT_4idC1iu1PjPaX4W1nggngS1xw2objAln1YEajJPUSKJae8IIBIGobbGot8rgQR-Mhl1GSl2p2j2y5maC2iPX_-4ptqzDd9gWvojPIWpob4M7oOOJLcqMmpr92T__Rcsdro7rt3F1YFAO-Fo9rAkUusujjC-S8JB6lnCeyxL32QjHHT_Pug2IoRKYBZPxKd-dYZot_dWPGUL3GMHvCVlU-7eRiNRLkQUNk
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame 4BA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYfY61oF0k-k2uDnkhepfPub4UfdkEbIBtfwZMZiKPipTk7rij5S8tF-zVDZHqPaz2h_XBFPTr1Jndciq62M6FdQaZKw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4BA1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BA1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame 4BA1 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89rdq&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi44LWFkIn19&cb=6885355&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.1.js
static.yieldmo.com/ Frame 1DF2 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 06:09:09 GMT
x-amz-version-id
8SKoplQBDf0hvGGgw9uOGFrH643xrYFF
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
70766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
YgPeI0L2IKTIngDCZufVMf1EV_v8J4I0aa9YLVimi4GOIssaMw4Tzg==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1DF2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1626 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1DF2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 1DF2 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064334766635&pvt=1698198513269&plid=2521236318193655889&imp=2502587597932613978&rep_meta=YOsfAM6jOD_t9xPsWarSs7HXW1J3HCeRo2_yxKY5g6_vXrO_LgV4uEC9aO568CKUNCY5n3qHcBq2G3VYMVGJBbxyF6HTT2hgG0zxJ4rDdQSBRbF4eQ0ycRQuJjGfhAiG6lazIiWUMlPn0LAs7fxz8bKWEqutf4ZStwooY_jzokoVm__2M8PTsl4d0VrFQaUVnQL6XrTCm4bgI1P5OL5J3-33v-_B0MtxoojMOtrrluFkAMhxeolos8NQLwlDgvFUuwEcXqCNoIcdOXPnJ9MGoVPz835kKnBX_4xLH8pnKtN07w9jji9zRonFeMG_k3p0eLo8ix0ce21_9dAQXvTKljidcFKptfHW7hqlcIwBzbZs91iocQlDAxCWjijxxneav8pug2u--6aJDpcf3oPXd2HBcumSIo8Kqhb1GtZ4HBk
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame 1DF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuF3Rfm6SkkWTqTg1TwjOzrYcOZz3N5NDsBdl6JiV3i6SK7AhDZcAyq0PpzSLSN-1qXCZsFZv_D-P_a1uqLsj-roLcMg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1DF2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DF2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame 1DF2 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89rhh&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi41LWFkIn19&cb=1884046&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.2.js
static.yieldmo.com/ Frame B86F 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.2.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
335480e92d7743f5fe7da236a30eeb2df9248640a0773c7f8dcbb30efbbeb00d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Rh9r6R.EeWyUowqNuHZ4aJQ20xLZonNa
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 13:55:31 GMT
x-amz-cf-pop
FRA60-P5
age
42785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:01 GMT
server
AmazonS3
etag
W/"900f2702bf94fe918725134eea55b6e7"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
kIcvhZAFpcMZVwzC0oGsXBu678l5EB0iPpml-cKp3McYSvqXqsRUzg==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B86F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1BE4 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B86F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame B86F 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064368320052&pvt=1698198513272&plid=2521236318193655889&imp=580290357895281548&rep_meta=DpuWrUB5uqNskCOgZkDMrDkh0Cu_rPhFEcWkhA0R0X2wB2y03_7mwwvTbuCuKkJ4moUOUWetiIXvwjfjcxcsA0ig31XlUfm5C6bMXY9_pDTK8u_chLAay3CTQce4L9Okwu0UN0gxh_sND7PpQcw8moIRNusGQ8I1uc031oAjxzAf1ta0kr67WHFXB7s9e640jSqa7Pmq1Zz2de7HGFsUczYeF1gf6OfTC0aWOWKd9Ho0iLMUJ5ZvPMENnqLwRG_wzVv8hacV9Zd17DYLm43M8K2p1Aggng9Ej03adikTv_7ujm9rkeK2gtZVRGrDqN8szV9XC-r59QeO-C2wkfPxgUFxXLD6KB1Xqm54RVSZyHWaIULGYhvXv1EAKGmcT1q2rOJFKgfe71rzt_KRKGDp9sOJ-J1SVtpvKtIvrGzpNz8
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame B86F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSd_T22c1Lgcmm7TJRvmmJ_YYx5Y_yh6pE4uClhTeQEeHS9ZzM3NdxBJx_8AQ1XxdGoHEHMLTsC0an9SRmxFuIE-avyrw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B86F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B86F 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame B86F 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89rkr&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi45LWFkIn19&cb=937058&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame B30E 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9xkbs4kRdqrAOxgSC7brR1XneW_ux7FJ
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 22:01:17 GMT
x-amz-cf-pop
FRA60-P5
age
14221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
edA7jhs5MGaCfcXnPi2LxRKrpwagoYTlrCOSj45GQJhlS3Rjk1OlfQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B30E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5661 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B30E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame B30E 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064452182730&pvt=1698198513283&plid=2521236318193655889&imp=5017925011047541814&rep_meta=emS-yqXPe3EZzINtYqSE5_n_vxmYSaS1uZWWgVAd-ATLdLZO5454Vv7hIQ8khMSakFbPqZtT1ZVvuVmrrUS8PgpDZ0B4CsQXab6B9JuP9dDJ8OuJUNHi9jVr9vo3K8wqohUjdsHnjZUQ4Pl61QW59yeliqW2zLxk0knt67mbGNuNOmIXTBNPMFZar7k1H5Bti-Ek43htT_4idC1iu1PjPaX4W1nggngS1xw2objAln1YEajJPUSKJae8IIBIGobbGot8rgQR-Mhl1GSl2p2j2y5maC2iPX_-4ptqzDd9gWvojPIWpob4M7oOOJLcqMmpr92T__Rcsdro7rt3F1YFAO-Fo9rAkUusujjC-S8JB6lnCeyxL32QjHHT_Pug2IoRKYBZPxKd-dYZot_dWPGUL3GMHvCVlU-7eRiNRLkQUNk
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame B30E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcEfGeALwdHTj7Zb8-gJQBYDhtitLgvw9RWLLSKuq-2lBGSLqaVTaD5M61tnJ_3_Z6bnb2H-yjnMFamGl7Yo1FQbpggw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B30E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B30E 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame B30E 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89ro2&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4xMC1hZCJ9fQ%3D%3D&cb=52335&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.1.js
static.yieldmo.com/ Frame 04C9 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 06:09:09 GMT
x-amz-version-id
8SKoplQBDf0hvGGgw9uOGFrH643xrYFF
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
70766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
_b0d958V5XgAHvWwxAWZOos82J_0wojLwof_Q8FjHyhI0lv8Yehplw==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 04C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5D95 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 04C9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 04C9 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064309576353&pvt=1698198513266&plid=2521236318193655889&imp=7582215074896992146&rep_meta=emS-yqXPe3EZzINtYqSE5_n_vxmYSaS1uZWWgVAd-ATLdLZO5454Vv7hIQ8khMSakFbPqZtT1ZVvuVmrrUS8PgpDZ0B4CsQXab6B9JuP9dDJ8OuJUNHi9jVr9vo3K8wqohUjdsHnjZUQ4Pl61QW59yeliqW2zLxk0knt67mbGNuNOmIXTBNPMFZar7k1H5Bti-Ek43htT_4idC1iu1PjPaX4W1nggngS1xw2objAln1YEajJPUSKJae8IIBIGobbGot8rgQR-Mhl1GSl2p2j2y5maC2iPX_-4ptqzDd9gWvojPIWpob4M7oOOJLcqMmpr92T__Rcsdro7rt3F1YFAO-Fo9rAkUusujjC-S8JB6lnCeyxL32QjHHT_Pug2IoRKYBZPxKd-dYZot_dWPGUL3GMHvCVlU-7eRiNRLkQUNk
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame 04C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8WjUtm7kWKDqmd0zuquliCAbvYqUvQYTHLPSogDdrB7OsMOxZ7xaDNiLKpNYhUVn5BR36uaq-LKQ9xzuPuU7vCjRmaQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 04C9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04C9 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame 04C9 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89rrs&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi40LWFkIn19&cb=4072693&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame 2196 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9xkbs4kRdqrAOxgSC7brR1XneW_ux7FJ
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 22:01:17 GMT
x-amz-cf-pop
FRA60-P5
age
14221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
3BMogA6Enf4lNa0XWIqtoyIqPeKmQWEHjaKERXKX7LeAbzPRMLgeUA==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 2196 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6270 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 2196 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 2196 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854064695449113&pvt=1698198513312&plid=2521236318193655889&imp=6341099763066480723&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFKqkRSzZL--uu7Ik7TBKU6aYR1ihBGETBEDXScq1Hs6CKnbtSES5QdNP-K6j1Xr8Og5kd99TgnkcOWnHVyXEOXKKWvcXvl-Adh3-UKyN6pEu34u8sLn5NnnxgaIh_pMCuSr37Lvwu1HkgwmXDCGNGP_Aj6iPzQQBwKSDkem8AkNaq3J7n2m8owSvgONuDQhbxZ56piU5qxfxsu3uoLRoa4O5_4JVI1MYTBJJQN5k1QjQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame 2196 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVQgkNl7xezBtBQ1-JdoBcmlwdagzLxLL9qOJryBNZ171CAADL0UK8LuFcjV-mqAz8Gs-mOvCGAgfWivwstxBFBs0lkg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2196 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2196 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame 2196 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hdi89rvg&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4yLWFkIn19&cb=9689410&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CB6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1dfJ8XM4ZfbgEuaB1PIPhPGFcIf0kpBc6Oum6fUEwI23ARABIABg9YWAgOAEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBNsBT9AE9jbPKltmsyD7sqoHF2CYMChGQ4qysWjvK2ck_iJ9MckDfiejcInYH-FXcP5brjvhgOCCE8YDcFBe7iJOcjELZpL6QbJ-0zJf7ajr2F-imL3lJ4fhxvF3c5LHWMOzEeNSUMPOVHQVx2DN4lfA4WDQUmMbsof3VYQcgEc_jtP-7fs5tz545GxeP0qOt09co7ug_EunQCZqvHf4j4q3SW680RPva8ayiw_M9FXKI8P-71_8UxO6hq0Jw2AuKEYRDPTwU7s3b3ZMh1syoeb6hBV_v-mdHIWaGoS-4AQBgAbJ14Ts4MbaqwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=fR1G5Ask--w&uach_m=[UACH]&cid=CAQSOwDICaaNKkpiYqk8Irjvj6X53I1PV3qG7J0JuIh2hIElHd2ZywnGdqrVk_3NGTMO2UbebuAdWoSENh2rGAE&tpd=AGWhJmuFq7KZIvKXQMJfgyeOK7LkWFPa23TUx1ZpLyHlNpv8IBwBa39ko4GMKB04eRqYo8rOCscjcTLfHF1wcD8viIHemWmlU9ZDg-qkbOMBKcqyV4J5SEBB5sTC_Ug607MLpVXtkty1ZPMf_hnYSaQcwZtttIvFDz9eK43dltssE8-_Fd-TB3Wrvnkymsvw_N1kV12t3HtMkdrJ1dvW0RMPyXgODnrki80aWHmfBX19_lEkh9AKkFxZLllUykKo47Eod-urwo8xTZMST-__dyvsu3VY5Vqn4CEBHIs0bI3o0eVGy2KtjlUJWMwf6Y1XdXQ4VmyAZOeqobV4xRBX4iFrUBmLkvckKGJCapKhtArFuZvv23jGmXpwmuQ5mlKAM_OSeivgpbtcK1ufoB5YBDw4KvXYHaxiunrXSFFA-cgzNE7Z5zzZU9thW6u-MgCHnkiiXmXFwOnMVDfjpeOXQfpEvPD7GS4BahXVo8k0VwSojRog8pGmvaS7UAu_u_NKBn5MSdeCyLtEuOZT0MgX03vCIUkH75QV1SqSxXvDiLSFKFc4HNvivmGZOt7ynh0ItpJK62uUYeDcYBlRIYdzOmMccBVvT3OK5xWlVM9uAzU_LS6cbjRl7IGi6kUB1GE43EPPK5X4X6fymyBH9uV9rS4zY3tLyJynHXL60yQ5lSPTs72T1gsKneh4D4geGqEe-npLmNcbX5G1YRdPutxdJqWNraSQeBpcb05W6opcw6aqi4kUROuJs00W4cU6PmmcyESttIk789dqHHhL5TgiFloqwDFErtIAx5qrk_ym2-CHNRd1-2SYmF71J5U
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ym.0.js
static.yieldmo.com/ Frame CB6B 		469 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9xkbs4kRdqrAOxgSC7brR1XneW_ux7FJ
content-encoding
br
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 22:01:17 GMT
x-amz-cf-pop
FRA60-P5
age
14221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 21:04:02 GMT
server
AmazonS3
etag
W/"43f5d34351c02087dfe277c23fdc7dda"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
HwdAeLK0Gro-hAiGSnauZQa3i1DyQB9VSGGL7Z7-i3Bf9fjwgNA0cQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame CB6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3E83 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame CB6B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:23 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame CB6B 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3391854065198792502&pvt=1698198513372&plid=2521236318193655889&imp=971703737330718920&rep_meta=DpuWrUB5uqNskCOgZkDMrK6976PpJn6eX7Jei9_5tO8PHNXZvON7X5xGjKT0duZTXywyQadQB0ORwn7RkCg5byH_hwo8KP1nw4RzF2E49arOhP76x4nvgEo-G7cg8Ad0cg1NATyp6pobtObNZe6Vfc41v0NZPz-tzDG0iS4B8GALVS1mXL0dx0DyyO5COLlMMcou9rdAeWbhog2sWCXNski-_3pgrv0mzZeLbbmUGQrQIa4A-ImZ8U4UjaFTCiwCli6dtuLE8JOKjdz6lgJgNP6IGY_NsSLe75zjIvVSZhOAmt8Z2MekK3_Ud23n7SYWTIOPD1gvg7OEDW_1ggOx4s7mNM8MJhuVZqmyzMuvnwKnzvPw4OE56GpKTDQLJNtK99Hgsvp2grF77Babeq8m365kfw1Yy5i6rG5hTTNMqm8
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
l
www.google.com/ads/measurement/ Frame CB6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8_fdyTnLFWr5IDvj3ZHccISngAkrjozYxQoxFgxOSwqfbZn1TzC17rljGQTIjBpTjY6K34o8vt8iemFcmFids-22SNg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB6B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
553375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Oct 2024 16:05:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB6B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:35 GMT
pixel
protected-by.clarium.io/ Frame CB6B 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6MzAweDI1MA==&v=5&s=v31hdi89s3f&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkYy1hZCJ9fQ%3D%3D&cb=6375928&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJjbyI6NDg5NTA2NjMwMSwidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjZ9
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.243.247 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-243-247.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 88EE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELinqjiMucWKJM2-sC_bkZI&google_cver=1&google_push=AXcoOmQnN1DtS3l9A-rk6QZKtSFdhg7IpepoqFv7NsA0bX3Cu7lSNoUjJhHEha4gMR2YGKCyRn_ukV_8l6bLHc...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzNzUwMDMwNg%3D%3D&google_push=AXcoOmQnN1DtS3l9A-rk6QZKtSFdhg7IpepoqFv7NsA0bX3Cu7lSNoUjJhHEha4gMR2YGKCyRn_ukV_8l6bLHcttHS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzNzUwMDMwNg%3D%3D&google_push=AXcoOmQnN1DtS3l9A-rk6QZKtSFdhg7IpepoqFv7NsA0bX3Cu7lSNoUjJhHEha4gMR2YGKCyRn_ukV_8l6bLHcttHSonrfIWMLwB
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzNzUwMDMwNg%3D%3D&google_push=AXcoOmQnN1DtS3l9A-rk6QZKtSFdhg7IpepoqFv7NsA0bX3Cu7lSNoUjJhHEha4gMR2YGKCyRn_ukV_8l6bLHcttHSonrfIWMLwB
Date
Wed, 25 Oct 2023 01:48:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 88EE
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMRxIbiLGVhQkHMd-SRUQQ&google_cver=1&google_push=AXcoOmRPKruOhm8OuH9XXG5uClPH9pamirqaMP_k-o6jJxhBBK1PuRnAHik_y_Lz-XUolExRLdbqxghyrVecwr5m...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRPKruOhm8OuH9XXG5uClPH9pamirqaMP_k-o6jJxhBBK1PuRnAHik_y_Lz-XUolExRLdbqxghyrVecwr5mRIpnKNxJ2gkp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRPKruOhm8OuH9XXG5uClPH9pamirqaMP_k-o6jJxhBBK1PuRnAHik_y_Lz-XUolExRLdbqxghyrVecwr5mRIpnKNxJ2gkp
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRPKruOhm8OuH9XXG5uClPH9pamirqaMP_k-o6jJxhBBK1PuRnAHik_y_Lz-XUolExRLdbqxghyrVecwr5mRIpnKNxJ2gkp
x-host
tde-deliveryengine-production-69ffdcd588-7xb9v
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 88EE
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJb_DYhwbu-f5Q2JYVx-hyA&google_cver=1&google_push=AXcoOmQMmpSCFzzHvrtNBye-debwIh0c8bT3QCAK7KkSOSkKmi5YRLH4nX3wXD8Or_odqashaU-BxMEwR1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQMmpSCFzzHvrtNBye-debwIh0c8bT3QCAK7KkSOSkKmi5YRLH4nX3wXD8Or_odqashaU-BxMEwR1J43RTg2owaX6hleSs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQMmpSCFzzHvrtNBye-debwIh0c8bT3QCAK7KkSOSkKmi5YRLH4nX3wXD8Or_odqashaU-BxMEwR1J43RTg2owaX6hleSs
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmQMmpSCFzzHvrtNBye-debwIh0c8bT3QCAK7KkSOSkKmi5YRLH4nX3wXD8Or_odqashaU-BxMEwR1J43RTg2owaX6hleSs
Date
Wed, 25 Oct 2023 01:48:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 88EE
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECatlkWXvj3Nh32PbthLJho&google_cver=1&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWx...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECatlkWXvj3Nh32PbthLJho&google_cver=1&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWxHiVA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWxHiVA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRiwdT6E3mbfFo5SMZGrJz3U4ciM420j5jvuc_ut7pMpxZOKcF82rbjL9UT_wS-LZ8OaTBrwX22WAVgSW2rAvYjJWxHiVA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 88EE
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPILYLi7s6XYpBp-eoRRgVs&google_cver=1&google_push=AXcoOmSH2Gs-u8uH6G9jHMeAZKHVvHeSETymHaQPVMxjPWYN_hLBS6XkTD4rPlEXs91S4q2l86ymtqUneZRqrhviVpKfXGRCuV2LBA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSH2Gs-u8uH6G9jHMeAZKHVvHeSETymHaQPVMxjPWYN...
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSH2Gs-u8uH6G9jHMeAZKHVvHeSETymHaQPVMxjPWYN_hLBS6XkTD4rPlEXs91S4q2l86ymtqUneZRqrhviVpKfXGRCuV2LBA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 25 Oct 2023 01:48:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Wed, 25 Oct 2023 01:48:36 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSH2Gs-u8uH6G9jHMeAZKHVvHeSETymHaQPVMxjPWYN_hLBS6XkTD4rPlEXs91S4q2l86ymtqUneZRqrhviVpKfXGRCuV2LBA
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
report
sync.teads.tv/um/ Frame 88EE
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDfhCWqIOGr3...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjM0MGJhOTctOWIzMi00M2RlLTk3OWUtYjE5NDM2ZGJlMDA4&google_push=AXcoOmRU40aExA4IMLpQRykuEuvYpDVquZzPEHJDmFByH1goRdfF50xW-WRoppuMsysL-...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 88EE
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b011d054-9189-4a11-8935-5c09b31893d8&google_cver=1&google_gid=CAESEN4myh1okpQtegx1gCUsgAI&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b011d054-9189-4a11-8935-5c09b31893d8&google_cver=1&google_gid=CAESEN4myh1okpQtegx1gCUsgAI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRJqeGL7sHW8byFB5-9OMdMCM9Z6s5Y4vOnbWlVFbAQvbeJkdmilpk70GQhCA8LKypkdaezBNcyzskyIB1g3iEPrtshns60&gdpr=${GDPR}
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b011d054-9189-4a11-8935-5c09b31893d8&google_cver=1&google_gid=CAESEN4myh1okpQtegx1gCUsgAI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRJqeGL7sHW8byFB5-9OMdMCM9Z6s5Y4vOnbWlVFbAQvbeJkdmilpk70GQhCA8LKypkdaezBNcyzskyIB1g3iEPrtshns60&gdpr=${GDPR}
date
Wed, 25 Oct 2023 01:48:36 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 88EE 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQG7xc6FQLhnt7sgwOhNlme7O5qxJiZc0XS6hn1hDQhaNyg20NGy4b77XJSOO2QImoH3WNd0wz
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3an0v9135293448&_p=1371445820&cid=153657198.1698198509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1698198508&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
matchadsrvr.yieldmo.com/track/ Frame 79E1 		49 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
u4Lk8g1lbfLLqJMQf0fojyID-UN1pKkNx1oT325_sAtSbuTBN3dtuQ==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
e9db8ae0-2cbc-1bbb-b469-fcd4a92d3472
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
78156e0464b564d8530351570cf430523f82372a306f39d25fcb49c6cc96fd0e

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=906b7bc71aef845c68dcf1d07f6e20c96378797185d78093ca318940be43a7b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
115beea7ed3ee69f4fa50ec929e3ef304e83382fcae90d9a29a032c1b442ad56
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
f08659cb-dd1a-34db-ad34-2fff314d5ea7
Content-Length
133
x-amz-id-2
s7tRcic4LuPDtkhrPScp1i34/MHXYyyqlKkXzRdPmVAbAUCVKAOCKfjEjtVBBpbBeynZnMDAXlcx97oEDa65PNRf0id8rgfU
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 46D7 		5 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
vary
accept-encoding
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 79E1 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61425
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
20iA1F3FCGinlQWTaKk9ht0CRUFhNZRAmzSIVtQd998cJYpu9aMlQA==
google
match.adsrvr.org/track/cmf/ Frame 46D0 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKmwaa8lXMJGI0giDdWllVY&google_cver=1&google_push=AXcoOmQnU6JaCsoJbPzDioUONm9ipG9fK0INpk2FSfOU6vHY9ZEooBtnZYjGxKgUDJdcuqpxsgQ5OpAY34B7_Cm5cL_SywQt2Jgj
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 46D0
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEEwgvp23sZOFQpkMztGihIQ&google_cver=1&google_push=AXcoOmS3pSSXPzKKJqhjivFkwLclEHcJ1b87XYH28MyaVSNsiczvJGvabkF8RDuqSDq1CDp4vLdFmf-ly7pFOnHiR8b8zudSdb8H
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzIxRDhDNkY2MTQyMzJGNA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzIxRDhDNkY2MTQyMzJGNA==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NzIxRDhDNkY2MTQyMzJGNA==
date
Wed, 25 Oct 2023 01:48:36 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 46D0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_cver=1&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0u...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0u...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0uknYwKr20IfnGZ4&google_hm=Y3o2MFlURzNCNTNiejVSM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0uknYwKr20IfnGZ4&google_hm=Y3o2MFlURzNCNTNiejVSMkk5X2E=
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:36 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT6oBmV6qqtqLCxNIkKqaEuIDW9FsmW01k6YdSydBNbVzSCGBjp0j2iAosBe1ErLvq5tVk3Ij3s2fc0uknYwKr20IfnGZ4&google_hm=Y3o2MFlURzNCNTNiejVSMkk5X2E=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 46D0
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi44qX-0...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi44qX-0HTnijQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmSF-RNJhVd6PtdY6zIK6Bh0ncvhU9sI5-IXK0ahRa9k79uF71OHy9qrzhdK7iMQL8YJYd0-gJWC0zOJSNMi44qX-0HTnijQ
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
google
sync-dmp.aura-dsp.com/match/ Frame 46D0 		0
0
spacer.gif
an.yandex.ru/resource/ Frame 46D0
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?ext-param=AXcoOmTSe1Q0uooOYydNOeyfSZxvJFBJDBbw_LvUGO29f2ZzKW6ITcrrfkM6bXs8Wk8xah2EOs9d9YuJoWfYlOEDqL49Q0f2hACJ&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?redir-setuniq=1&ext-param=AXcoOmTSe1Q0uooOYydNOeyfSZxvJFBJDBbw_LvUGO29f2ZzKW6ITcrrfkM6bXs8Wk8xah2EOs9d9YuJoWfYlOEDqL49Q0f2hACJ&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKebHHQsc64MzgT-D95Etl8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 01:48:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 46D0
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEG2OBvi74xPz_i0kHgGAVJo&google_cver=1&google_push=AXcoOmQwT3Lte71sm-Aj2ah2OlM_9EhgdjXK-nHogOwh-XDHMOOQDFS4cAfxEfGssHpPaDqYJd4SX5ql2e9nOarPIwUX...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEG2OBvi74xPz_i0kHgGAVJo&google_cver=1&google_push=AXcoOmQwT3Lte71sm-Aj2ah2OlM_9EhgdjXK-nHogOwh-XDHMOOQDFS4cAfxEfGssHpPaDqYJd4SX5ql2e9nOarPIwUX...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDZmOTI1NDMzMjU2Yzg0NQ&google_push=AXcoOmQwT3Lte71sm-Aj2ah2OlM_9EhgdjXK-nHogOwh-XDHMOOQDFS4cAfxEfGssHpPaDqYJd4SX5ql2e9nOarPIwUXI74...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDZmOTI1NDMzMjU2Yzg0NQ&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 20:41:15 GMT
x-content-type-options
nosniff
age
18442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 20:41:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 46D0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5GO9ObxB7q9suuWkaLD4l5pgjGXIMIDZciSgC2pV2t7xCaFEN3v6G_By4nv3ggGx5zGwxnAL7
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame EDAB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0fGwnFUNJaj0JL6gKkIos&google_push=AXcoOmS5FJAxprdtmjkQqEnj1l5I4ofAo2NvzsXdelouhg2UxkdjGmhH3F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0fGwnFUNJaj0JL6gKkIos&google_push=AXcoOmS5FJAxprdtmjkQqEnj1l5I4ofAo2NvzsXdelouhg2UxkdjGmhH3FlwtgsWoCrUsLCasYfZGi7vedzC6Qp6smPazrNIeZE
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230050-FRA
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1698198516.287235,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0fGwnFUNJaj0JL6gKkIos&google_push=AXcoOmS5FJAxprdtmjkQqEnj1l5I4ofAo2NvzsXdelouhg2UxkdjGmhH3FlwtgsWoCrUsLCasYfZGi7vedzC6Qp6smPazrNIeZE
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame EDAB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKmwaa8lXMJGI0giDdWllVY&google_cver=1&google_push=AXcoOmQKpZiZkduP9UQ6gJREqPP5LHFH0LZOe71h4raoech4xLfdrSpVjcnnqsh4vYtqNYM3QTdLlM2XmXsjm5MePv2KDVpKPjIw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EDAB
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJTpS67DYAC4Mr1Rry17mVo&c_param1=AXcoOmTOnJiP0Jo0aVoZ7yGfsNEqu5AwKrfzONAY70jEQ2mzp8w4hIB-ha0h1SXULyB7S6dN27fGs959tp846g2_Sg_QB9m_zxG_&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTOnJiP0Jo0aVoZ7yGfsNEqu5AwKrfzONAY70jEQ2mzp8w4hIB-ha0h1SXULyB7S6dN27fGs959tp846g2_Sg_QB9m_zxG_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTOnJiP0Jo0aVoZ7yGfsNEqu5AwKrfzONAY70jEQ2mzp8w4hIB-ha0h1SXULyB7S6dN27fGs959tp846g2_Sg_QB9m_zxG_
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTOnJiP0Jo0aVoZ7yGfsNEqu5AwKrfzONAY70jEQ2mzp8w4hIB-ha0h1SXULyB7S6dN27fGs959tp846g2_Sg_QB9m_zxG_
date
Wed, 25 Oct 2023 01:48:36 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame EDAB
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCjSedsGi...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCj...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCjSedsGiUI-9Q
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmTVa-qnUwzLOPNidfnsIk-AIj7FGl50ga3L797t4Y8kEJRlFO9Q8nWD_dABgKTFNGw2PiXgUiAnQUdEhdCjSedsGiUI-9Q
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame EDAB
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIfy-679-XSr4KD0733guEY&google_cver=1&google_push=AXcoOmS_OScIX3pTvpjhnAfJFtQKfp8NOxCugbri72fAXDZhIbpf7LCJ4Dv8ur1j1jFLpLeliNMfo5awSJ8u0fTndGrsVW_...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS_OScIX3pTvpjhnAfJFtQKfp8NOxCugbri72fAXDZhIbpf7LCJ4Dv8ur1j1jFLpLeliNMfo5awSJ8u0fTndGrsVW_UYT3f&google_hm=MjAzNDQ3MzA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS_OScIX3pTvpjhnAfJFtQKfp8NOxCugbri72fAXDZhIbpf7LCJ4Dv8ur1j1jFLpLeliNMfo5awSJ8u0fTndGrsVW_UYT3f&google_hm=MjAzNDQ3MzA5OTQzMjE2NDg1MA==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS_OScIX3pTvpjhnAfJFtQKfp8NOxCugbri72fAXDZhIbpf7LCJ4Dv8ur1j1jFLpLeliNMfo5awSJ8u0fTndGrsVW_UYT3f&google_hm=MjAzNDQ3MzA5OTQzMjE2NDg1MA==
Date
Wed, 25 Oct 2023 01:48:36 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EDAB
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRN2sXlJiMs64kMd0t-ulyGA0qUMMPHtp3nA1ey4DkZPrV1Pb9RSRFaufphk0OCgpPEZN-kvB-JlU3HD3MKYkIC_IHueLysZw&google_gid=CAESEFMRpaIB4AF...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVNDAxNmM2ODI4ZmQ4NDcxYWIzYjc0MDlmMjM3M2RkNGQ&google_nid=opera_norway_as&google_push=AXcoOmRN2sXl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVNDAxNmM2ODI4ZmQ4NDcxYWIzYjc0MDlmMjM3M2RkNGQ&google_nid=opera_norway_as&google_push=AXcoOmRN2sXlJiMs64kMd0t-ulyGA0qUMMPHtp3nA1ey4DkZPrV1Pb9RSRFaufphk0OCgpPEZN-kvB-JlU3HD3MKYkIC_IHueLysZw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVNDAxNmM2ODI4ZmQ4NDcxYWIzYjc0MDlmMjM3M2RkNGQ&google_nid=opera_norway_as&google_push=AXcoOmRN2sXlJiMs64kMd0t-ulyGA0qUMMPHtp3nA1ey4DkZPrV1Pb9RSRFaufphk0OCgpPEZN-kvB-JlU3HD3MKYkIC_IHueLysZw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EDAB
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKqLav-IqFk_zT7M-Skr9vE&google_cver=1&google_push=AXcoOmR6S49fSQJHo4yG9nvuvE8IqHulhKcOchU4TXDImMkmQyha4FnMXuQibaB3zWX...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6S49fSQJHo4yG9nvuvE8IqHulhKcOchU4TXDImMkmQyha4FnMXuQibaB3zWXf-dOI3oLgRo-JSl90LLJ_aDaYq6zxiesmAA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6S49fSQJHo4yG9nvuvE8IqHulhKcOchU4TXDImMkmQyha4FnMXuQibaB3zWXf-dOI3oLgRo-JSl90LLJ_aDaYq6zxiesmAA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
75da127f.22cda325
date
Wed, 25 Oct 2023 01:48:36 GMT
x-bytefaas-request-id
20231025014836B754283F24E1626E3139
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-239-13.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time
103,2.16.239.13
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=8, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231025014836B754283F24E1626E3139
x-cache-remote
TCP_MISS from a23-202-158-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6S49fSQJHo4yG9nvuvE8IqHulhKcOchU4TXDImMkmQyha4FnMXuQibaB3zWXf-dOI3oLgRo-JSl90LLJ_aDaYq6zxiesmAA
x-bytefaas-execution-duration
3.68
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01d135d19ef41c74ed8b8d770ab2c3c35a4446d29709d3e6ad2dab3f0561268ec3df1a5c5482127d31a4ac8daeffd2e1b0f39656fb3fcd8926afa9f8c91555819ae6fd5dd090c1d67520e1c0da71fcfe0b5a52744149134ed41bcfbb618d3bdfd71326260211337e921af19c37c323d698
x-origin-response-time
8,23.202.158.134
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Wed, 25 Oct 2023 01:48:36 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EDAB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDQ1YAcbz3LHsNqjtF7EdzjvHljhvNh-fNcpMreTM5uIEKiMmyNtYRPVHJM10pFMwbFoj07jRq
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame CEBC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA&re...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA&...
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81b6cc5a1f6f01eb-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
40
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSvHaoFOFgEIux2CgJo5Pf5ynIUjuWtZzk35kw69HrT7TFxAWwXqaC696LyYuVO2vwDEW6tkDbGKibreChlGXnoQclKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81b6cc589da401eb-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CEBC
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEEwgvp23sZOFQpkMztGihIQ&google_cver=1&google_push=AXcoOmTgfPRxvf4I2wMbXuQ5W-ElKGCdZVQAbRqpzXOzKfZCUhjG4cZW0sSPsFWpMw4PzoHcG5XRoUgJ1nXdzx0HndWmlTGUlsg
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTNBMjREMzI0M0RCQzRFMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTNBMjREMzI0M0RCQzRFMA==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MTNBMjREMzI0M0RCQzRFMA==
date
Wed, 25 Oct 2023 01:48:36 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame CEBC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELinqjiMucWKJM2-sC_bkZI&google_cver=1&google_push=AXcoOmS_582Q0NbZTCSxQ09w4xBpmGhLFXWpwPe7r5qPm7saW5FuIpq5PAuoUtgD5ZvnKn1pXX1UH1sCQi0v_W...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzOTA3MzE3MA%3D%3D&google_push=AXcoOmS_582Q0NbZTCSxQ09w4xBpmGhLFXWpwPe7r5qPm7saW5FuIpq5PAuoUtgD5ZvnKn1pXX1UH1sCQi0v_WFtHk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzOTA3MzE3MA%3D%3D&google_push=AXcoOmS_582Q0NbZTCSxQ09w4xBpmGhLFXWpwPe7r5qPm7saW5FuIpq5PAuoUtgD5ZvnKn1pXX1UH1sCQi0v_WFtHkkuqUl8zg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MzcwNzA4ODMzOTA3MzE3MA%3D%3D&google_push=AXcoOmS_582Q0NbZTCSxQ09w4xBpmGhLFXWpwPe7r5qPm7saW5FuIpq5PAuoUtgD5ZvnKn1pXX1UH1sCQi0v_WFtHkkuqUl8zg
Date
Wed, 25 Oct 2023 01:48:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame CEBC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDdoYfRQU2ItSyGlzIpxf1s&google_cver=1&google_push=AXcoOmRMJYgjLEpWe1zc_AujorNe9Po80SSjcPgBXV52ICB7vPF58PlvpJtwykeRTwdRW74K8yt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81M0pURzktRy02Rlgw&google_push=AXcoOmRMJYgjLEpWe1zc_AujorNe9Po80SSjcPgBXV52ICB7vPF58PlvpJtwykeRTwdRW74K8ytmqxLCsKyzDHyVjfS4gjVpYJY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81M0pURzktRy02Rlgw&google_push=AXcoOmRMJYgjLEpWe1zc_AujorNe9Po80SSjcPgBXV52ICB7vPF58PlvpJtwykeRTwdRW74K8ytmqxLCsKyzDHyVjfS4gjVpYJY
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81M0pURzktRy02Rlgw&google_push=AXcoOmRMJYgjLEpWe1zc_AujorNe9Po80SSjcPgBXV52ICB7vPF58PlvpJtwykeRTwdRW74K8ytmqxLCsKyzDHyVjfS4gjVpYJY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
cs
cs.lkqd.net/ Frame CEBC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHNrJNWklEsSGAM7GNo9oAQ&google_cver=1&google_push=AXcoOmRy4GFLJOZ6nkHUmCqaWt0dU0BgDn04o0yKoVJzGCm1gxKox7layLvot16q8SFoMtr8HMZdvqnkg6gyK02J...
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6bc6639e1e&gdpr=0&gdpr_consent=
43 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6bc6639e1e&gdpr=0&gdpr_consent=
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6bc6639e1e&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
vUWS0fnNtBYsX-TylEt3xBoM1cr2vzegNG2eunCjM3DJ9JIqR8F15A==
pixel
cm.g.doubleclick.net/ Frame CEBC
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEHdAx0vpcedKF9Oh_XjnJbA&google_cver=1&google_push=AXcoOmQQnXKiZEFT-xwFydbq66DctiTKhhrVhsLTJnnm_DIYHCSJvrIfITQR3s7y_lZ7y5Om35pGJrh-0QrukzklinTJGbOAAg
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQQnXKiZEFT-xwFydbq66DctiTKhhrVhsLTJnnm_DIYHCSJvrIfITQR3s7y_lZ7y5Om35pGJrh-0QrukzklinTJGbOAAg&google_hm=M2V4M3N4eGZmTnhtdzRib2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQQnXKiZEFT-xwFydbq66DctiTKhhrVhsLTJnnm_DIYHCSJvrIfITQR3s7y_lZ7y5Om35pGJrh-0QrukzklinTJGbOAAg&google_hm=M2V4M3N4eGZmTnhtdzRib2FrX0Q=
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQQnXKiZEFT-xwFydbq66DctiTKhhrVhsLTJnnm_DIYHCSJvrIfITQR3s7y_lZ7y5Om35pGJrh-0QrukzklinTJGbOAAg&google_hm=M2V4M3N4eGZmTnhtdzRib2FrX0Q=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame CEBC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAfadAzr6usJ_saY8NrNxcI&google_cver=1&google_push=AXcoOmQAGoYjhKKZP...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAfadAzr6usJ_saY8NrNxcI%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5Mjk2MzAzNDc4MDU5Njk5OA%3D%3D&google_gid=CAESEAfadAzr6usJ_saY8NrNxcI&google_cver=1&google_push=AXcoOmQAGoYjhKKZPx5W-16_5HT1hKaV6a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5Mjk2MzAzNDc4MDU5Njk5OA%3D%3D&google_gid=CAESEAfadAzr6usJ_saY8NrNxcI&google_cver=1&google_push=AXcoOmQAGoYjhKKZPx5W-16_5HT1hKaV6aFXmCK8lWAZtCHRyeE5Brz8lJIJoibwz5f_RjnMwAYKij-2af41JPE1GAE8x4DiWJBV
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
an-x-request-uuid
ed08751c-5fa1-4206-a47f-f9ea3057e08a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzE5Mjk2MzAzNDc4MDU5Njk5OA%3D%3D&google_gid=CAESEAfadAzr6usJ_saY8NrNxcI&google_cver=1&google_push=AXcoOmQAGoYjhKKZPx5W-16_5HT1hKaV6aFXmCK8lWAZtCHRyeE5Brz8lJIJoibwz5f_RjnMwAYKij-2af41JPE1GAE8x4DiWJBV
x-proxy-origin
77.57.195.200; 77.57.195.200; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CEBC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJwvWKdu_OWtuy1EJBPDkkn9r2COi4iIbiST3KPN-OTEI2zfxpSwlhW74b5m42mwT9Uhqatw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2B66
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELfHS_8Tjy-8mOytF6-DEi8&google_cver=1&google_push=AXcoOmRDDJvmaZ1IcXQ4mkQ_nYI7TFFgwWpmIsijBoDP917Oy81YyZApFWjp04Pqm86OL6SXB63Bz0Jbkg4vC-ttBpEwhTd1iAul
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=410E59942BE04379971BBAF54A976A90&google_push=AXcoOmRDDJvmaZ1IcXQ4mkQ_nYI7TFFgwWpmIsijBoDP917Oy81YyZApFWjp04Pqm86OL6SXB63Bz0Jbkg4vC-t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=410E59942BE04379971BBAF54A976A90&google_push=AXcoOmRDDJvmaZ1IcXQ4mkQ_nYI7TFFgwWpmIsijBoDP917Oy81YyZApFWjp04Pqm86OL6SXB63Bz0Jbkg4vC-ttBpEwhTd1iAul
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 01:48:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=410E59942BE04379971BBAF54A976A90&google_push=AXcoOmRDDJvmaZ1IcXQ4mkQ_nYI7TFFgwWpmIsijBoDP917Oy81YyZApFWjp04Pqm86OL6SXB63Bz0Jbkg4vC-ttBpEwhTd1iAul
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 24 Oct 2023 01:48:36 GMT
google
match.adsrvr.org/track/cmf/ Frame 2B66 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKmwaa8lXMJGI0giDdWllVY&google_cver=1&google_push=AXcoOmTUX_ks2bGlsWWmRTHqszW6ckL6i9ufv3NGEpewZHbDHk9YiYgo3YTULgVLKXCgpGVTWPVv2B4m9z3YSHceRAJyFfUFqae0
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2B66
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF6q_Ja_QBmPxZyasIl4ZBU&google_cver=1&google_push=AXcoOmQhwDFFFMKRceJNPbwxprkMBj_EQhZrTevXhnEfWdHMEN4d9guXL7_j0Na7p7zzsq4LKK5P2Fs1704...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhwDFFFMKRceJNPbwxprkMBj_EQhZrTevXhnEfWdHMEN4d9guXL7_j0Na7p7zzsq4LKK5P2Fs17044DHLIUJ4JyTGM96xu&google_hm=69oMkVanRGKZmzB2JTbGGMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhwDFFFMKRceJNPbwxprkMBj_EQhZrTevXhnEfWdHMEN4d9guXL7_j0Na7p7zzsq4LKK5P2Fs17044DHLIUJ4JyTGM96xu&google_hm=69oMkVanRGKZmzB2JTbGGMg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhwDFFFMKRceJNPbwxprkMBj_EQhZrTevXhnEfWdHMEN4d9guXL7_j0Na7p7zzsq4LKK5P2Fs17044DHLIUJ4JyTGM96xu&google_hm=69oMkVanRGKZmzB2JTbGGMg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B66
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBirOhhdH4l6wd3ITlX8Xjo&google_cver=1&google_push=AXcoOmSYeCOTd6usLBcQkF1yRJWD6GuoplFzwM6zu03iPO3Q-6cWCALROAjEDxz0Pe6v8L7PqmMI3hQZNaQU47q3hqEgjG-6SaiV
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSYeCOTd6usLBcQkF1yRJWD6GuoplFzwM6zu03iPO3Q-6cWCALROAjEDxz0Pe6v8L7PqmMI3hQZNaQU47q3hqEgjG-6SaiV&google_hm=fYbc-RNxhJu8-3yENkcGiQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSYeCOTd6usLBcQkF1yRJWD6GuoplFzwM6zu03iPO3Q-6cWCALROAjEDxz0Pe6v8L7PqmMI3hQZNaQU47q3hqEgjG-6SaiV&google_hm=fYbc-RNxhJu8-3yENkcGiQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSYeCOTd6usLBcQkF1yRJWD6GuoplFzwM6zu03iPO3Q-6cWCALROAjEDxz0Pe6v8L7PqmMI3hQZNaQU47q3hqEgjG-6SaiV&google_hm=fYbc-RNxhJu8-3yENkcGiQ==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame 2B66
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELMJLn7s3A5haWV-9bC2MUs&google_cver=1&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9R
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MDAxMDQyNDEwMjMwNjM0NjExMw%3D%3D&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MDAxMDQyNDEwMjMwNjM0NjExMw%3D%3D&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9R
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MDAxMDQyNDEwMjMwNjM0NjExMw%3D%3D&google_push=AXcoOmTDcwvJ7WpS_SFLMekVebRBRkOd0JDl3dCDXpwj9z6tETbvWmbrNBZOv4roZb4gQzcGLptwvpH6-dSdHP3oMWWXZqYyjh9R
date
Wed, 25 Oct 2023 01:48:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 2B66
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEE61yV3HPKtvnudnQKbAwaA&google_cver=1&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtY...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtYquYz3RJbjucHpiEEF2t1dAS&google_hm=WlRoejlNQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtYquYz3RJbjucHpiEEF2t1dAS&google_hm=WlRoejlNQ284WGdBQUxhWHpnQUFBQUFB
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEE61yV3HPKtvnudnQKbAwaA&google_cver=1&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtYquYz3RJbjucHpiEEF2t1dAS","cluster_id":0,"gdpr":false,"ipv4":"77.57.195.200","key":"ZThz9MCo8XgAALaXzgAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad234"}
X-SO-Key
ZThz9MCo8XgAALaXzgAAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad234
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRDKJxLlXIZIAdp7c70mwexUJvw1wmN26v6IHrpKEltzA2Zua5OCDNxpzT4LXyz3kUdlXWtYquYz3RJbjucHpiEEF2t1dAS&google_hm=WlRoejlNQ284WGdBQUxhWHpnQUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad234.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-IP
77.57.195.200
google
sync-dmp.aura-dsp.com/match/ Frame 2B66 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 2B66 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJyMA8jYKhMPaJGwqrlO-dpCJ_DQ9hR-JRxogz7vC9qz9gDShTzzCl1oyijuQyjXBRW_yC_w
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1626
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmTtjd4VsaNvF34RV6AWHTlB2kOpJW1q0X2Lv0N6WEXuczKlZe5...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ba6d0a67f821912&is_secure=true&networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmTtjd4V...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH9u2hKDys4AMFmAGZAAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3E...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH9u2hKDys4AMFmAGZAAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_push=AXcoOmTtjd4VsaNvF34RV6AWHTlB2kOpJW1q0X2Lv0N6WEXuczKlZe5EIfPxgJoncSX20DReAH1Kj0hDdczEvXvlPvO1AeofTjLcTg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH9u2hKDys4AMFmAGZAAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_push=AXcoOmTtjd4VsaNvF34RV6AWHTlB2kOpJW1q0X2Lv0N6WEXuczKlZe5EIfPxgJoncSX20DReAH1Kj0hDdczEvXvlPvO1AeofTjLcTg
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1626
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ_r7...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmQ_r7IGsmHLLUelpIgN1TifxJXcZ4ildFWwjYXwxNmlW7AAn97E2bjIQVVE5c5VXFsO9REPWbGIRlun...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmQ_r7IGsmHLLUelpIgN1TifxJXcZ4ildFWwjYXwxNmlW7AAn97E2bjIQVVE5c5VXFsO9REPWbGIRlunnNxPeV356C399-MBdA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmQ_r7IGsmHLLUelpIgN1TifxJXcZ4ildFWwjYXwxNmlW7AAn97E2bjIQVVE5c5VXFsO9REPWbGIRlunnNxPeV356C399-MBdA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
691667
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1626
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKHJh8REm0inWiEefY2SJNs&google_cver=1&google_push=AXcoOmSMijxwITaGiJvpkqeO575-PNUJOdAs2tF-AyTD10mQGyHIQi87FiZ_mAI4okpL9tylNOyyJfD5...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSMijxwITaGiJvpkqeO575-PNUJOdAs2tF-AyTD10mQGyHIQi87FiZ_mAI4okpL9tylNOyyJf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSMijxwITaGiJvpkqeO575-PNUJOdAs2tF-AyTD10mQGyHIQi87FiZ_mAI4okpL9tylNOyyJfD5ohE34GKqKm1oaGvmVPZwzw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSMijxwITaGiJvpkqeO575-PNUJOdAs2tF-AyTD10mQGyHIQi87FiZ_mAI4okpL9tylNOyyJfD5ohE34GKqKm1oaGvmVPZwzw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1626
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR6xO4QhTDu8YVKgTr4pMxRMvXkZ48fCCWkEBC-x3fTUZ6BKESvZfEfkLRTtGVP_2I2GhdeAQfevp7WG1rEStIArHzyXr9otQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR6xO4QhTDu8YVKgTr4pMxRMvXkZ48fCCWkEBC-x3fTUZ6BKESvZfEfkLRTtGVP_2I2GhdeAQfevp7WG1rEStIArHzyXr9otQ
date
Wed, 25 Oct 2023 01:48:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
dsp.adkernel.com/ Frame 1626 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEVegs2e_PiZ2GNt_YGCdss&google_cver=1&google_push=AXcoOmTVPN-yFyhkw0WFfvVGtVxc86FhsDBOfr_HH7gr7p5v4xXeTY0M45LS2ZVDc4WbvStdEGNvBF4XLEbZa3UuTrsVrgp3OQvkjg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:36 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1626
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmQ_QhDaVmG81uGjkV64iuqv06SsPs3RZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmQ_QhDaVmG81uGjkV64iuqv06SsPs3RZHSwZ7qtcFXXRiMwAKrT0Qbe8CaoZdV8_kvma4YOaSQVic7ErFzn2C5jXqIVnhAJ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaKrMCKktt0JHqB5i0Y2ssFCnUn8knC8fgoGHYAu%2FY4P6w7DahIy8G2jWCFTwpS4dC7c6bnMSdNBhL%2BmRPCYP%2FZbfQ%2BTueMDhNfCm9eJTBVizF5FiQdcBq1BNOLUXZ%2B9lxaenkHULKq8xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmQ_QhDaVmG81uGjkV64iuqv06SsPs3RZHSwZ7qtcFXXRiMwAKrT0Qbe8CaoZdV8_kvma4YOaSQVic7ErFzn2C5jXqIVnhAJ
cache-control
no-cache
cf-ray
81b6cc57bf8d01db-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 1626
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELVxIBpShjWwdRcvZi7mtPc&google_cver=1&google_push=AXcoOmQCQBgJvCBGY4bR53KmMov-WRXA38Jsr_5cLsZaMyFCLGSk_7jmireDUFcOzTby62wLkA_Mw3C9JLR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi2SE8oHWa1S1oXPnV9s7w_PdXz27t80HCw&google_push=AXcoOmQCQBgJvCBGY4bR53KmMov-WRXA38Jsr_5cLsZaMyFCLGSk_7jmireDUFcOzTby62wLkA_Mw3C9JL...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1626 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lvuww21sQJx4JIZWobkvjPDNTZwIv_UBXKYY5_Wa0_5-BMYYaz6xH2k_3tiL2j0X_NYQI9Fw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rid
matchadsrvr.yieldmo.com/track/ Frame 1B73 		49 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
rMOeIH7go1veTolrG1RZEOktZquEgbZxbikuratTW7fkEbESjlx3aQ==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
d3788b03-cca6-05c0-8eca-fd37c6c9d448
/
kinesis.us-east-1.amazonaws.com/ Frame 1B73 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
dcbd22a44fc4eed5160057d52c5ff180add4114f80c54091eb3d84366d49268f

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a15188525aa824eb72bdba7f9d8472dcfe469d9da35c42f8568989b90bdb083f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
6718a5c65b0aab3cefa604f81972eb5ee12ce521693c79d0942cf00b2fdf169b
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
eb4b23b2-d5ca-a761-b6f9-5587dfa576e9
Content-Length
133
x-amz-id-2
tQsGGE/yXUP33lCPV7J+x565t37MtK5Yi+TiPMK4OKJe54nXdTzF0q/wPmAA09+1YtLTcz2xzKuajtlowIxESgNkQhdTzxQt
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 52A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 1B73 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61425
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
jZ__uP5rH9UXVgnLKIbZUKTaU38whwH--u6QaHdzvNQuU-2OZ_zgRQ==
truncated
/ Frame 79E1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6008052054e15dc67d84e8697abf2dfe062986b58f3b1462b3ab6afa66a2aa38

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
google
match.adsrvr.org/track/cmf/ Frame 1BE4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKmwaa8lXMJGI0giDdWllVY&google_cver=1&google_push=AXcoOmQPFerenqCedOO6i6J6d4ZXvzrkYyeS_N3BBnGniTYRD-apQ4LWqezlHOtkJnPQmg-hcpUE8-wtg4K_z8K2dnOat3T47Y4
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 1BE4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMRxIbiLGVhQkHMd-SRUQQ&google_cver=1&google_push=AXcoOmRTW_1I12q1yMtdHImQKpnDccG8PsPDK6LEqyjS1tSohIfvugwwEccgsIiNmi1jxMbvIoS4gPK5RNYhi-vv...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRTW_1I12q1yMtdHImQKpnDccG8PsPDK6LEqyjS1tSohIfvugwwEccgsIiNmi1jxMbvIoS4gPK5RNYhi-vv7TEIew5J06Fs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRTW_1I12q1yMtdHImQKpnDccG8PsPDK6LEqyjS1tSohIfvugwwEccgsIiNmi1jxMbvIoS4gPK5RNYhi-vv7TEIew5J06Fs
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmRTW_1I12q1yMtdHImQKpnDccG8PsPDK6LEqyjS1tSohIfvugwwEccgsIiNmi1jxMbvIoS4gPK5RNYhi-vv7TEIew5J06Fs
x-host
tde-deliveryengine-production-69ffdcd588-cd486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1BE4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgV...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
date
Wed, 25 Oct 2023 01:48:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1BE4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKHJh8REm0inWiEefY2SJNs&google_cver=1&google_push=AXcoOmT-XEiuTHl5b7RMTIg-yGpyXW8_8VB6LkIFsw8xFSmlDCzozSu5OoABnbzCMSjdDupGn7l_orTS...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmT-XEiuTHl5b7RMTIg-yGpyXW8_8VB6LkIFsw8xFSmlDCzozSu5OoABnbzCMSjdDupGn7l_or...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmT-XEiuTHl5b7RMTIg-yGpyXW8_8VB6LkIFsw8xFSmlDCzozSu5OoABnbzCMSjdDupGn7l_orTSO0-0aOw8MOutOH0JyfE
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmT-XEiuTHl5b7RMTIg-yGpyXW8_8VB6LkIFsw8xFSmlDCzozSu5OoABnbzCMSjdDupGn7l_orTSO0-0aOw8MOutOH0JyfE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
v1
match.sharethrough.com/E4rooAtA/ Frame 1BE4 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFhZ7Kvz1MtEjD8q65geRZw&google_cver=1&google_push=AXcoOmQxqe40K5WSsuy_Wd1ezPB_COVhxFxpYkMdJAbaixfmYvhTnYqDsNpN7uxaBvHkCS_Zdwko_rktCghQbUt2sk0Vcqpbt6Cq
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.218.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-218-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
pixel
cm.g.doubleclick.net/ Frame 1BE4
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmTfA7823kkui0JQCCq-_e2395CnR3QwkFZdvuQS7FfqrDAap02XWfWdicfTOInqDdhbI59sihoudjI__WOCyo7_1FX3i1hEPA&google_gid=CAESEFMRpaIB4AF...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmTfA782...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmTfA7823kkui0JQCCq-_e2395CnR3QwkFZdvuQS7FfqrDAap02XWfWdicfTOInqDdhbI59sihoudjI__WOCyo7_1FX3i1hEPA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmTfA7823kkui0JQCCq-_e2395CnR3QwkFZdvuQS7FfqrDAap02XWfWdicfTOInqDdhbI59sihoudjI__WOCyo7_1FX3i1hEPA
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1BE4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_cver=1&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQsl...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQsl...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQslCPl2i35bcICXzUOe84ySyF2&google_hm=UjNmTGhmOEdUbHZj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQslCPl2i35bcICXzUOe84ySyF2&google_hm=UjNmTGhmOEdUbHZjRkNtVTY2dFA=
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQUk51s_JtPs4GT3K0Os1UWYlIiJqzpb7-UKyyX8toBgniFavM0BvZCHfUIOPIUjcq4DWQslCPl2i35bcICXzUOe84ySyF2&google_hm=UjNmTGhmOEdUbHZjRkNtVTY2dFA=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
240
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1BE4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmGw5rPOerXW2Sqfl5tlliLh2UK4miblu7EcBJ8VfpY6nrXn3cDOrtv8qzoWJgvdpapgKgkZ9M
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 5661 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGUiFscGGu4FBPCNn5k48bA&google_cver=1&google_push=AXcoOmTtCNbyD6k59ZTC0Hy3LIbwKufPtLZntQYNktGvDJa_iGxBPEdKp61zXcolb2zyhm827cRRnh4JHirVATSOUuV_sL1r85vx
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5661
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEEwgvp23sZOFQpkMztGihIQ&google_cver=1&google_push=AXcoOmT1erhDvzaX-jeFRgVMSWj2S6tZxHlddDU1Mmn4m2sVhzNb3pXt0fMjLy3VhsgORqUEe9XnusUh0KB9P88fokR6pAWPCiuyMQ
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDA1NEQxNEM0RTVCNzhDMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDA1NEQxNEM0RTVCNzhDMw==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDA1NEQxNEM0RTVCNzhDMw==
date
Wed, 25 Oct 2023 01:48:36 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 5661
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmQPKrtpUhD2wnV8OfT_rwkVxJI_eX-ZN8ytNC3BONnf4mt1J6FYhzmsUl1clPFK9XcIXzUP0auqRlgmmd6QGq8D...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIDfTDpK5HJvpNBl6KT7f6s&google_cver=1&google_push=AXcoOmQPKrtpUhD2wnV8OfT_rwkVxJI_eX-ZN8ytNC3BONnf4mt1J6FYhzmsUl1clPFK9XcIXzUP0auqRlgmmd...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ad1b691f-8769-45e3-b392-23cf3fe70cac&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=ad1b691f-8769-45e3-b392-23cf3fe70cac&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3dd40ffd-c734-4b5a-b0d8-557dfdbec814&ssp=google&expires=30&user_group=5&bsw_param=ad1b691f-8769-45e3-b392-23cf3fe70cac
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmS9DZRjhtJFH-jT5OWXFk9SZ7NPlxSGc1vJGKIr9809QeD1S_Nrhl86vUjlCezLmPojppjXj--YQKEpgVfGzWy-6DUP1OKO&google_hm=rRtpH4dpReOzkiPPP-cMrA==
date
Wed, 25 Oct 2023 01:48:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5661
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJTpS67DYAC4Mr1Rry17mVo&c_param1=AXcoOmTuC24woy0owgvgbAv_0o5eTzpMMfRr236pXIZQaYryHE8wjycpz8xL1GgmWOnJTnCIvjvblKxCXhyJBOpAeos6IqZ_uvfJ3w&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuC24woy0owgvgbAv_0o5eTzpMMfRr236pXIZQaYryHE8wjycpz8xL1GgmWOnJTnCIvjvblKxCXhyJBOpAeos6IqZ_uvfJ3w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuC24woy0owgvgbAv_0o5eTzpMMfRr236pXIZQaYryHE8wjycpz8xL1GgmWOnJTnCIvjvblKxCXhyJBOpAeos6IqZ_uvfJ3w
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTuC24woy0owgvgbAv_0o5eTzpMMfRr236pXIZQaYryHE8wjycpz8xL1GgmWOnJTnCIvjvblKxCXhyJBOpAeos6IqZ_uvfJ3w
date
Wed, 25 Oct 2023 01:48:36 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5661
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_cver=1&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMp...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEBdGzzI9GIc3M0QdAXnh5E&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMp...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMppSoRry-QxPg0NVRYg&google_hm=UjNmTGhmOEdUbHZjRk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMppSoRry-QxPg0NVRYg&google_hm=UjNmTGhmOEdUbHZjRkNtVTY2dFA=
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTwFvV1dAtnQ1D7KoL0BSOc7LOT_JPU9hL-EUJWNJ_LNUTjmWW3pufqCo44KPqYmihjW044M6OfxvFMppSoRry-QxPg0NVRYg&google_hm=UjNmTGhmOEdUbHZjRkNtVTY2dFA=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5661
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEH6_ycgvgqpSta5SW0ofjzQ&google_cver=1&google_push=AXcoOmSn4NYYiGng20Boblp-5Zzt7yYO6qLqeu1pl2XjZIw8tehyuNjna...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSn4NYYiGng20Boblp-5Zzt7yYO6qLqeu1pl2XjZIw8tehyuNjna1UFE2eUjqzy1fQil2KGP-ZfVKTtJEvmlRDvgP5PaHOj_pk&google_hm=QlMuMjE3NS1jYjI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSn4NYYiGng20Boblp-5Zzt7yYO6qLqeu1pl2XjZIw8tehyuNjna1UFE2eUjqzy1fQil2KGP-ZfVKTtJEvmlRDvgP5PaHOj_pk&google_hm=QlMuMjE3NS1jYjI4LTQ2YTYtODg4ZQ==
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSn4NYYiGng20Boblp-5Zzt7yYO6qLqeu1pl2XjZIw8tehyuNjna1UFE2eUjqzy1fQil2KGP-ZfVKTtJEvmlRDvgP5PaHOj_pk&google_hm=QlMuMjE3NS1jYjI4LTQ2YTYtODg4ZQ==
Date
Wed, 25 Oct 2023 01:48:36 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
report
sync.teads.tv/um/ Frame 5661
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDfhCWqIOGr3...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjM0MGJhOTctOWIzMi00M2RlLTk3OWUtYjE5NDM2ZGJlMDA4&google_push=AXcoOmQ8xjL8nbl9-ST86FDIs6fqhfAM0IdJLd3BHRLnHijTCoIw_GQ1Ft1NLg-ED88Gg...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5661 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ljrt90SWtDuSED_5A3Vmo37s73KpjWUJA-iRJtgpGi5VpbSmUqTxw3RNEug243_UyM64s_3JQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 5D95 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGUiFscGGu4FBPCNn5k48bA&google_cver=1&google_push=AXcoOmSx8MqdeDPraieAW5RgbSFgWA66YtmO37RdF034QS7A25mEPqWVASqk85nDqb5Ww7GOFYUFsttbFUWHQEMu93QKeJqCGHziBQ
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D95
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGw5YTMyYnMxUVZ0MEU1&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cver=1&google_push=AXcoOmSyXCDUknkfZbWJR0W4YrGxQi362O3kvqXzg-PK0Yy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGw5YTMyYnMxUVZ0MEU1&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cver=1&google_push=AXcoOmSyXCDUknkfZbWJR0W4YrGxQi362O3kvqXzg-PK0Yymr_hkJVyQ3IzDQy3zTdRgSROTieKUIlVGJx-zuY8bfMpB3g8lpdD1
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TGw5YTMyYnMxUVZ0MEU1&google_gid=CAESEO99rGfuPXxaCysUWY6tV94&google_cver=1&google_push=AXcoOmSyXCDUknkfZbWJR0W4YrGxQi362O3kvqXzg-PK0Yymr_hkJVyQ3IzDQy3zTdRgSROTieKUIlVGJx-zuY8bfMpB3g8lpdD1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5D95 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENHRa9qFRqHcBaUSmjbvD1I&google_cver=1&google_push=AXcoOmQzF63Rczg5sqethvAmdrlPC-Wi8cFbBlw2eR-R2GMPbGF-gOAYG2w9boO0NeudyxMk0aTzwzIM0qmUkydzJcSD0sWLAA2Dqw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 5D95
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTrmu...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTrmuCxNzXN1PMqu0EoMuFJ49PEckHF7omIOXbzAZuYEvZ14i-ObgWLMJMP7nEvi6dJHq2X7A-gB0ay...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTrmuCxNzXN1PMqu0EoMuFJ49PEckHF7omIOXbzAZuYEvZ14i-ObgWLMJMP7nEvi6dJHq2X7A-gB0ayWFFy-apguitaz_rJNA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTrmuCxNzXN1PMqu0EoMuFJ49PEckHF7omIOXbzAZuYEvZ14i-ObgWLMJMP7nEvi6dJHq2X7A-gB0ayWFFy-apguitaz_rJNA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
812737
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D95
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s_03bdq...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOJWeiJpk1a0X28zG0HW49w&google_cver=1&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s_03bdqAUbI9ahA
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=uxE8gk7AR1utJJp3217vGQ&google_push=AXcoOmRodvNf4i-XEu1AMYLcEA5_FrcFaNip7B3SCg_H3qlZWW6dTNfry3LR8DIduSk9uuF5YVRbpvBBSWKodO7s_03bdqAUbI9ahA
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 5D95
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_cver=1&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZ...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEM0U9fvBqznGib0dG1KzFLk&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZRGnJn32kB1THUAqIigtTpD27Pc&google_hm=Y3o2MFlURzNCN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZRGnJn32kB1THUAqIigtTpD27Pc&google_hm=Y3o2MFlURzNCNTNiejVSMkk5X2E=
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQPmUrlA3tV5YqeinW1p08zsZmYmV-pbW9F4nV1dANK0vVOyRZP1EF5s9pwLMOkhlmzCm9wZRGnJn32kB1THUAqIigtTpD27Pc&google_hm=Y3o2MFlURzNCNTNiejVSMkk5X2E=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
243
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D95
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGlqJgtJe...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGl...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ad1b691f-8769-45e3-b392-23cf3fe70cac&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ad1b691f-8769-45e3-b392-23cf3fe70cac&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ad1b691f-8769-45e3-b392-23cf3fe70cac&%%GOOGLE_PUSH_PAIR%%
date
Wed, 25 Oct 2023 01:48:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5D95 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNiRebhLkPKiPTyjD0s8nriUsT1G2h4u8NURMYRTDqaoYkt9i-rjFlaCH200a-U3u3UiCl-Y4
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rid
matchadsrvr.yieldmo.com/track/ Frame ECD5 		49 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
AVDHdzQTVVWC0eDvDW9JKLTD5p7zTUMZZOjV-Ngnct3pmct0p_Z5Jw==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
e4613c96-6664-0eb2-b9d3-4aa2e3f5217b
/
kinesis.us-east-1.amazonaws.com/ Frame ECD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
f4049e5d5da9cac7fd913510467e6145350dfaa0266dbfb1db1750edfe013757

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=37ef0be03050cb22f6d673af487d81cc6ca811a136daff980e590d32fd4afc31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
c31ffe9dc3bc77cf86600c2549aa340035bdfff073a05737f1c481a7674bceed
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
cc63f516-1f85-8927-91d1-83239a14a6ee
Content-Length
133
x-amz-id-2
mOy3pqVuHVuxdpCZINFLuKFWFxypYRyRBRyazNN8N3ZA5rHN8EU7XZlSSI34yh03ZXkhAmwQMH2pIaETFs+JSxVhhLFsflGp
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 30CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame ECD5 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61425
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
DeoRe8v1a-7UwkLLei9ljd8gGvkPQpk8GQfLx0Wrw3oML1Tsl_qruw==
rid
matchadsrvr.yieldmo.com/track/ Frame B86F 		49 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
JZcFgTkpJRnSEIPrlfWiT87_g5S5q_kcQZxQXt92x2M-J1UmwqoN3Q==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
d3a8f89c-1cc8-5a39-8e1a-8ea81708e65a
/
kinesis.us-east-1.amazonaws.com/ Frame B86F 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
7019ace50c2413eee6884092a332fbb881a825154a6fa115af9ab079bb8d08ad

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=baf904a7e60b33319d2cc7a1d5f99f02eda14bd818311862cf16441ee81d105d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
7a6464d9f0db5a2284fae56aacd5fbd23e41d247a1027dec370e568180f21e91
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
fe82a177-bee6-8b99-a330-d74232bcb03a
Content-Length
133
x-amz-id-2
T/DIhIcBe8UDJSDDDKl4UOEtg+On+BkX0y3VANTiTiwdIyTgIxbwOYhqI5r6MMVpZhEpGf5xpdAfyRoRxeuxoYKNiZmia0S/
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 74B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
c82bd18c-ba71-8377-9599-a7b83fe0acbe
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame B86F 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61425
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
TdcEOIMSvy1P6UNhHl76SQpaQqWrnv9Ty2ox0KA6vywSJ-tTSbSahg==
/
kinesis.us-east-1.amazonaws.com/ Frame B86F 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
bf028a955867939ff11d3d9684c473cc6fda2079b931bc9c5ec099fbb580a37d

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=d21c457a99a73b38d249ebd5ee67a660bb7b8117690e3872024e4e97ba1569b5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3c2f9288eaee4ddd714abf67651bb8df0151495a862c595ab87ffc5985987ad5
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
c3fd8db5-549e-bdbd-9e4f-fb80b8c9d7c1
Content-Length
133
x-amz-id-2
xK15RBM+8ODtooO/rTfEaEyv6YlFR0XYC17Nkr65ZyHMg6L6Xn6waeXsAZQQkk6f2zqw3/NjCyABfhspwPbHyUqvSeSo1OVm
Content-Type
application/x-amz-json-1.1
rid
matchadsrvr.yieldmo.com/track/ Frame 4BA1 		49 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
gVlRvnexYltYOJcTdxXldr7bBmoMFNuxCoDyIkqABh9xipV7R-yxrQ==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
ea408f30-722f-401c-b7f2-f905fe757bbf
/
kinesis.us-east-1.amazonaws.com/ Frame 4BA1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
a2ebcd5e946b2a6bf29e6e7989d13d66a5b11b35e3da57f152d6c09923b9f0c8

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6d0cdbe9a6b3c71475afe03c8245ff9d6236c1b21672965034759ac9541b8760
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
073287804d5fe252c6b62831fc0c57a91466ed9a5a141423362bed3f101af26c
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
d1a43950-43be-78fe-8c16-4f6549d1a976
Content-Length
133
x-amz-id-2
4pOeEyC1N9D3bH7R6z9HlG/ZdkVL6Z04rUvHbqsNrGeA/boPQBDURowNjTFcuU59eA2NKgZ4F9pkVSnojxG/M+3z+eLdz9cM
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 4DF8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js_b/desktop/ Frame 4BA1 		208 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js_b/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YQ_PAHjHhR2k9ZZbM2TmYlKb5Z2N6Pg_
content-encoding
br
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 01:53:58 GMT
x-amz-cf-pop
FRA60-P5
age
86182
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:37 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
5ViYh9GRqwGm3PS1MUrk7ahh8RfU6tm5hI6_4mDltYVtA4TCLfdCBA==
pixel
cm.g.doubleclick.net/ Frame 6270
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmQrf5L9ACrwEuHS3UoHE7ajAASMb_IBEipxdOF-nWnkZECjVkj...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6215ea709a10166b&is_secure=true&networkId=14000&version=1&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_cver=1&google_push=AXcoOmQrf5L9...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH4q2CjXp3CQMaVCv5AAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3E...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH4q2CjXp3CQMaVCv5AAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_push=AXcoOmQrf5L9ACrwEuHS3UoHE7ajAASMb_IBEipxdOF-nWnkZECjVkjasGVRRWDMALFjOrbG648gHTJIDbaozfUedhH_d20PI5U
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH4q2CjXp3CQMaVCv5AAAAAAA&expiration=1698284916&google_cver=1&is_secure=true&google_gid=CAESEHj10bT-rkVA-rtfy6c3EKk&google_push=AXcoOmQrf5L9ACrwEuHS3UoHE7ajAASMb_IBEipxdOF-nWnkZECjVkjasGVRRWDMALFjOrbG648gHTJIDbaozfUedhH_d20PI5U
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 6270
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM...
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81b6cc5b488801eb-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
777
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJE5l3OKuBaFkx8ONypsMW0&google_cver=1&google_push=AXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRgTAYJr6qjvUMmn2YuBiruHkPsthqsHHfzsh82nPpudNnnl3qvdCOBE89Nohx3LyQZ0betfw0j8wB-809b5WKXcZglxiM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81b6cc594e7d01eb-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6270
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTVQ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTVQ9c-RZWQtbCRG4FJhMlU2NgHiJiH3krmGXDd2cC3PlqdIOvP4hVWBkbqiayUYOyACGnsOV6nKx9u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTVQ9c-RZWQtbCRG4FJhMlU2NgHiJiH3krmGXDd2cC3PlqdIOvP4hVWBkbqiayUYOyACGnsOV6nKx9uOB7VGo2Jl7yBepM
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-1nD6UakVxOPJD3ZAI4VCqr594gW-igR4Wwd2qw&google_push=AXcoOmTVQ9c-RZWQtbCRG4FJhMlU2NgHiJiH3krmGXDd2cC3PlqdIOvP4hVWBkbqiayUYOyACGnsOV6nKx9uOB7VGo2Jl7yBepM
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
541687
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6270
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSCXMvorMrpaxEo5CqvSyUyT0MMRbDx3XZXF2u-H0hUD5Pu7yINtR0C1QpRFclsKAEKQJ062ZvgRHqccQDd_M6L7cfJG9g
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RGqm3LycR0mCfW37I72OtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSCXMvorMrpaxEo5CqvSyUyT0MMRbDx3XZXF2u-H0hUD5Pu7yINtR0C1QpRFclsKAEKQJ062ZvgRHqccQDd_M6L7cfJG9g
date
Wed, 25 Oct 2023 01:48:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6270
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEHFLsC_1suctXpQfyeIxcOQ&google_cver=1&google_push=AXcoOmT_G632m-NbTA1T0_dEGTpefWL1_ZlBICpPzhFgINu389Y0FFLGY2KNv31CDgBMHAwHEMlcttugLgc-3OzdZKOtg7X...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGM5MDkzMTQ1ZjA2NDBlNDljMmJlMmI3YjFkYTBjOTA%3D&UIDF=CAESEHFLsC_1suctXpQfyeIxcOQ&google_cver=1&google_push=AXcoOmT_G632m-NbTA1T0_dEGTpe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGM5MDkzMTQ1ZjA2NDBlNDljMmJlMmI3YjFkYTBjOTA%3D&UIDF=CAESEHFLsC_1suctXpQfyeIxcOQ&google_cver=1&google_push=AXcoOmT_G632m-NbTA1T0_dEGTpefWL1_ZlBICpPzhFgINu389Y0FFLGY2KNv31CDgBMHAwHEMlcttugLgc-3OzdZKOtg7XYJyI
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGM5MDkzMTQ1ZjA2NDBlNDljMmJlMmI3YjFkYTBjOTA%3D&UIDF=CAESEHFLsC_1suctXpQfyeIxcOQ&google_cver=1&google_push=AXcoOmT_G632m-NbTA1T0_dEGTpefWL1_ZlBICpPzhFgINu389Y0FFLGY2KNv31CDgBMHAwHEMlcttugLgc-3OzdZKOtg7XYJyI
date
Wed, 25 Oct 2023 01:48:37 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pub
cs.chocolateplatform.com/ Frame 6270 		0
0
spacer.gif
an.yandex.ru/resource/ Frame 6270
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?ext-param=AXcoOmTPHXjBnbIxu3qK3yDrReDOrmrO5bizZA8DbfkRE5IqrBq4ugVwaB0Lwd_DlDknK5FUwMICk6ikyNYhVIohBm4XGZSHMhiJ&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEKebHHQsc64MzgT-D95Etl8?redir-setuniq=1&ext-param=AXcoOmTPHXjBnbIxu3qK3yDrReDOrmrO5bizZA8DbfkRE5IqrBq4ugVwaB0Lwd_DlDknK5FUwMICk6ikyNYhVIohBm4XGZSHMhiJ&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEKebHHQsc64MzgT-D95Etl8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 01:48:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6270 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Khn7bqwT1LJgq9z1bPQDi1GwR8MLe_wIWbBE6KOnyChGReAmHU6Au7nVC0QnCyuyZAh1x5fw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rid
matchadsrvr.yieldmo.com/track/ Frame 1DF2 		49 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
ywYPfKdpAiTpsJsbQMD1wShthW_cnVFlAi22gceUpglwgiL0VcyMAA==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:36 GMT
x-amzn-RequestId
f324319f-a52b-d688-ae96-47abaf440700
/
kinesis.us-east-1.amazonaws.com/ Frame 1DF2 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
0dba9cd28464bb07ae35f8956a4ee75dc22d747dfa50d61a9bc47792643217c8

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a9f9e7034df099ce14123ab40182bb7c1a1ac1695cf3a597e52b360bd1726cc3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
d46ea871fbc247ecf4eeb8dd1a81b8244fbf86babc94a24c75d03daaf438fa9c
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
fffa60db-58cb-7b9b-a248-16ee530bc7f8
Content-Length
133
x-amz-id-2
eURt8PmYr2/fAqFe5z75qdX4oVMHxiCr7gElX2UbrxlgqrBi+s9aGUtyWKbG7xM/WVzZ4+7CBgu+iWuLX3rhOzB45tzuZ/GO
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame D3B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 1DF2 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61426
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
ahDOnz1YP9Z-r8ZuH3s9kQ7AftmIMqu54pkrK7vrVaR6ornTjjApng==
rid
matchadsrvr.yieldmo.com/track/ Frame B30E 		49 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
OhRcJtUAccodqeXNP_qo8CxBkK68OUVXqb0UAWqlLMqOlcpgxb9mpg==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
e26b6d0d-b221-c6fe-bfd9-1b38b9e17a9d
/
kinesis.us-east-1.amazonaws.com/ Frame B30E 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
3b8f770b10663c0e0547f3e5054a7e63da8b437323bb58afcbfdc57320b1b1b0

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a42337f6821668e09fbe93bc473bc7cfa190e0cbc47761522fd835f32cc7e2af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
4311c076ddd5c58df3d7079b0862acd0da6e3d683e59d15db274062b6462d050
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
c40d6e0b-52e3-11f9-99bf-183e5923ad9a
Content-Length
133
x-amz-id-2
pqQNAMs3V0pjQGREE03eyoKwoYtn6+6MPAgM3CbrimnNd8eEgXPz3NFTMKDj/aQ9dfIwjRh9/8RrjsVFCU56l3ruomJDjoVu
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame C2DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame B30E 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61426
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
OkyKq_I1Q-nPUDH8KdvTjNlPDwKrj7GLVP_Xy_OprOKp7gen2YuUJg==
rid
matchadsrvr.yieldmo.com/track/ Frame AFA4 		49 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
nIa_BlJtXif5sOEEV1p1nUifTvAFgKPQxZIT2Q7hpDz6LqU4ih56Hw==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
d97800e2-fcb3-76c0-84ca-76d7f773caa3
/
kinesis.us-east-1.amazonaws.com/ Frame AFA4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
2cf37e75b57055c4955874cd50aa5d16b2ed00df71866cc340fdfa4f542e2dd1

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f3b0f63884b06d73927b8aa44e8cbbba90d854af337539ae23e845c0398a7dfa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
8d5a0bf25c210b523df296176a20233e08a67c8cd522740e6fae2c6b9ee0de3b
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014836Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
eca13e61-4e64-392c-b113-4854c23e028f
Content-Length
133
x-amz-id-2
kAtU/RMYxuofdhcrc6hmcFTuFAIl2dDyWWINDnXjOpHQcESH1mx1sloLno8qXkF0Igfcq5c1cQJE7jZhuVgozWkYERsMV+Tn
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame DF23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:36 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js_b/desktop/ Frame AFA4 		208 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js_b/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YQ_PAHjHhR2k9ZZbM2TmYlKb5Z2N6Pg_
content-encoding
br
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 01:53:58 GMT
x-amz-cf-pop
FRA60-P5
age
86182
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:37 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
Pqyncrh5472nOIewR5uuIbPmMIwL0csZeS9cRVPmSZrWkzHYWkCEUQ==
rid
matchadsrvr.yieldmo.com/track/ Frame 04C9 		49 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
1PrT_bfmDZoUcd7R2Gtl_CQhynAdhCKr4NWfWFfaOBYEekxcMVR3qg==
/
kinesis.us-east-1.amazonaws.com/ Frame 04C9 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
3747cff682b191f3497de08896cc8ed493900ec19b8726faebdafcb85d0dce9c

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=946230c11331c36d8f72ac6dddb584fccdf01858e2146d86462678859035a7a4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3216330895ff0de4cb12107945bad2e4ee84ea3211b536702efccafac29dda85
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
f9b3582a-b2f0-40dd-a401-2e1fb930fcbe
Content-Length
133
x-amz-id-2
3a5ckkkBaCDGomOnsUo8zQS9Ru3gzg85MdltiESBLETCr9ByDPjkJRu88IpSCCtGuGzBY7hdAIgAhi/9egmRYrpbsF3aYGGv
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 5208 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:37 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 04C9 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61426
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
FHrY6o66bUCGp_NVId7e1PCJB6kP-5k46V6U7zoCuR2Ee5CeY1fLyA==
rid
matchadsrvr.yieldmo.com/track/ Frame 2196 		49 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
IYaN1uf0w3g2nARqiUsMpfkufkB9Y5sj2ysstUTAqHev8Gh3Cb9hLA==
/
kinesis.us-east-1.amazonaws.com/ Frame 2196 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
485a9b3f05ae44a506e9fc8227a147bc675d7ba129f23a84cac562c58cb3f569

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a0161da08a3e7bd5f5b4fbf352591fab4b762373c11936981f2233802c90095d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
678dd8d4bf065929744fc6c76526b1a14ffbd1cdb095286d5ec7a6b5c5adcdb2
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
ed3ca689-54ad-30a8-b08e-d0bcd13c1f61
Content-Length
133
x-amz-id-2
YeUlXEGdEKLvrNDtvJ4vtPiXCp5a12Is3QKuAQOdOQfQQ129ZcEf82TjprtPIm206xGH1qIjLOOIux6U+kqo46C5g3X2a6ew
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 97E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:37 GMT
pragma
no-cache
52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 2196 		208 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:49:27 GMT
x-amz-cf-pop
FRA60-P5
age
61426
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 20:34:36 GMT
server
AmazonS3
etag
W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
dFx_DYCFzQl59k6RMqCQkZ6SsYx5QO45ibF7kVK9asz2GV4YNvOaQA==
rmpssp
sync.1rx.io/usersync2/ Frame 46D7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1698198517383
0
0
pixel
cm.g.doubleclick.net/ Frame 46D7
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDQ2QUE2REMtQkM5Qy00NzQ5LTgyN0QtNkRGQjIzQkQ4RUI1&gdpr=-1&gdpr_consent=
0
0
getuid
ib.adnxs.com/ Frame 46D7 		0
0
sync
ups.analytics.yahoo.com/ups/58529/ Frame 46D7 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame 46D7 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 46D7 		0
0
pixel
cm.g.doubleclick.net/ Frame 46D7 		0
0
rtset
bh.contextweb.com/bh/ Frame 46D7 		0
0
pixel
cm.g.doubleclick.net/ Frame 46D7 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 46D7 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 46D7 		0
0
cookiesync
bttrack.com/pixel/ Frame 46D7 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 46D7 		0
0
CookieSyncYieldMo
rtb.adentifi.com/ Frame 46D7 		0
0
sync
sync.srv.stackadapt.com/ Frame 46D7 		0
0
current
yieldmo-match.dotomi.com/match/bounce/ Frame 46D7 		0
0
cm
u.openx.net/w/1.0/ Frame 46D7 		0
0
sync
x.bidswitch.net/ Frame 46D7 		0
0
/
b1sync.zemanta.com/usersync/yieldmo/ Frame 46D7 		0
0
26980
stags.bluekai.com/site/ Frame 46D7 		0
0
cksync.php
contextual.media.net/ Frame 46D7 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 46D7 		0
0
match
c1.adform.net/serving/cookie/ Frame 46D7 		0
0
/
csync.loopme.me/ Frame 46D7 		0
0
sync
rtb.mfadsrvr.com/ Frame 46D7 		0
0
397286.gif
idsync.rlcdn.com/ Frame 46D7 		0
0
g.pixel
aa.agkn.com/adscores/ Frame 46D7 		0
0
psync
xsync.iqzone.com/ Frame 46D7 		0
0
mo
match.prod.bidr.io/cookie-sync/ Frame 46D7 		0
0
yieldmo
cs.admanmedia.com/sync/ Frame 46D7 		0
0
pixel
cm.g.doubleclick.net/ Frame 46D7 		0
0
pixel
cm.g.doubleclick.net/ Frame 3E83
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENHRa9qFRqHcBaUSmjbvD1I&google_cver=1&google_push=AXcoOmQa50M2xO-Ht0Fn0bdrl0Zi5c-lYHruVOrysEnwjjh2F7si4OsOdVEF_Fm573dfzK6o59mhZPkHw9JODc...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQa50M2xO-Ht0Fn0bdrl0Zi5c-lYHruVOrysEnwjjh2F7si4OsOdVEF_Fm573dfzK6o59mhZPkHw9JODcctwLp5F2iYA54C_A&google_hm=hmU4c_TW-va2KgC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQa50M2xO-Ht0Fn0bdrl0Zi5c-lYHruVOrysEnwjjh2F7si4OsOdVEF_Fm573dfzK6o59mhZPkHw9JODcctwLp5F2iYA54C_A&google_hm=hmU4c_TW-va2KgCG9w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D653873F4D6FAF6B62A0086F7BLIS
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQa50M2xO-Ht0Fn0bdrl0Zi5c-lYHruVOrysEnwjjh2F7si4OsOdVEF_Fm573dfzK6o59mhZPkHw9JODcctwLp5F2iYA54C_A&google_hm=hmU4c_TW-va2KgCG9w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D653873F4D6FAF6B62A0086F7BLIS
date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3E83
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMRxIbiLGVhQkHMd-SRUQQ&google_cver=1&google_push=AXcoOmTbx8TI9QJ-hfK4XMoH_5l2_EwX486_vCnETNTqfoWa2qZshFZiokDJVJMiVCtOestVXngoOB66aujHZQwu...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmTbx8TI9QJ-hfK4XMoH_5l2_EwX486_vCnETNTqfoWa2qZshFZiokDJVJMiVCtOestVXngoOB66aujHZQwu-0bpLSUl0NQ-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmTbx8TI9QJ-hfK4XMoH_5l2_EwX486_vCnETNTqfoWa2qZshFZiokDJVJMiVCtOestVXngoOB66aujHZQwu-0bpLSUl0NQ-
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zCCG4B61S78lLo5ZliRIZw&google_push=AXcoOmTbx8TI9QJ-hfK4XMoH_5l2_EwX486_vCnETNTqfoWa2qZshFZiokDJVJMiVCtOestVXngoOB66aujHZQwu-0bpLSUl0NQ-
x-host
tde-deliveryengine-production-69ffdcd588-t2g7p
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3E83
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKHJh8REm0inWiEefY2SJNs&google_cver=1&google_push=AXcoOmSTCdCuAa6jfOLjkAIGuOFwsfdzQ3NaGBCf_IvpdmouEeytYev5sBGOF7dtsrO9jifjcJEstYAz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSTCdCuAa6jfOLjkAIGuOFwsfdzQ3NaGBCf_IvpdmouEeytYev5sBGOF7dtsrO9jifjcJEstY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSTCdCuAa6jfOLjkAIGuOFwsfdzQ3NaGBCf_IvpdmouEeytYev5sBGOF7dtsrO9jifjcJEstYAzruXST7kzHYom2DpeWEjmJg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUwODk2NTYyOTc0MDcxOTkzOA&google_push=AXcoOmSTCdCuAa6jfOLjkAIGuOFwsfdzQ3NaGBCf_IvpdmouEeytYev5sBGOF7dtsrO9jifjcJEstYAzruXST7kzHYom2DpeWEjmJg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
dsp.adkernel.com/ Frame 3E83 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEVegs2e_PiZ2GNt_YGCdss&google_cver=1&google_push=AXcoOmSL1kX4j7DdNpZryuFqm2S-G1FzSQ-xksNX83t6u82NPzpuRkgr6nZGVOPfIncnJySvYmF4JyOMuhY06ekzA1sSmjOj_F5z
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:37 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 3E83
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmSINb_zH3GqH4KO7dQSdaNnoXoQi-Gzo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmSINb_zH3GqH4KO7dQSdaNnoXoQi-Gzo-pFxBPvGepwVf_YXXIFwa14CtBR2--j94zuBrgIimwRYp4ipOuBlyQh-gUPMyZcUw
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URK18fKMaI5M%2BxQzACAjUvFVhheQzWus5ISTlrxB7qXqieWT4i76vCVYoOsAkmoszdah13WP5xi%2FV0jwEAsHJIfEcZr9F%2BasfDwMgwQqkbOAnBHMndtcahJEk53FjTOxWHv8p0Gnv45IcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIHL1l7UJN12ANWuenmEkxk&google_hm=ZThz9HlfJ6x8HxbKVTp4-gAACF0AAAAB&google_nid=index&google_push=AXcoOmSINb_zH3GqH4KO7dQSdaNnoXoQi-Gzo-pFxBPvGepwVf_YXXIFwa14CtBR2--j94zuBrgIimwRYp4ipOuBlyQh-gUPMyZcUw
cache-control
no-cache
cf-ray
81b6cc5cdc7224be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3E83
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEE61yV3HPKtvnudnQKbAwaA&google_cver=1&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP_lv7HIZQgZRL1nkdNEtYKzr&google_hm=WlRoejlNQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP_lv7HIZQgZRL1nkdNEtYKzr&google_hm=WlRoejlNQ284WGdBQUxhWHpnQUFBQUFB
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 25 Oct 2023 01:48:37 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEE61yV3HPKtvnudnQKbAwaA&google_cver=1&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP_lv7HIZQgZRL1nkdNEtYKzr","cluster_id":0,"gdpr":false,"ipv4":"77.57.195.200","key":"ZThz9MCo8XgAALaXzgAAAAAA","privacy_sensitive":false,"uid":"ZThz9MCo8XgAALaXzgAAAAAA","upstream_id":"m-ad234"}
X-SO-Key
ZThz9MCo8XgAALaXzgAAAAAA
X-SO-Upstream-ID
m-ad234
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad234.dc4p.scaleout.jp
X-SO-UID
ZThz9MCo8XgAALaXzgAAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
77.57.195.200
X-SO-Cluster-ID
0
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTyKRPG-IiRzrWKUUiQ9mkaNJ5ksvY8OhgFLImRxUvr1J6oyML_Q0VkmPQnekcwKiZZdSdHP_lv7HIZQgZRL1nkdNEtYKzr&google_hm=WlRoejlNQ284WGdBQUxhWHpnQUFBQUFB
Cache-Control
private
X-SO-Ads-Time
3
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
pixel
cm.g.doubleclick.net/ Frame 3E83
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQLIR4HzXh_cSHI0bfHgFwGcwbuszoqCFDfnz5yEOu7uuI7LMfc96jGawm0i7O8XBHOvnThVEsmshlmk3OP9SW5NhiCRlaTSdU&google_gid=CAESEFMRpaIB4A...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmQLIR4H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmQLIR4HzXh_cSHI0bfHgFwGcwbuszoqCFDfnz5yEOu7uuI7LMfc96jGawm0i7O8XBHOvnThVEsmshlmk3OP9SW5NhiCRlaTSdU
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFMRpaIB4AFg_DgrgB0mauw&google_hm=T1BVYzg1NzkzNTI4YzkxNGM2Mzk0ZDE4NzdlNzczZDE4MjQ&google_nid=opera_norway_as&google_push=AXcoOmQLIR4HzXh_cSHI0bfHgFwGcwbuszoqCFDfnz5yEOu7uuI7LMfc96jGawm0i7O8XBHOvnThVEsmshlmk3OP9SW5NhiCRlaTSdU
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3E83 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBQH2hkgWbgFaZk9LAuf_C5jTjJGVVpj6piHUQZrCQsfWKPU8uPpVNw3EJlb3Q6uVslphZ8g
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
635c502e2abd16835c7e8633c4644161e8b7f2fb670c3c3b84228e4129d7be72

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5c5d54e51a20ae9f04e1ec6beacbbc7f1f52413438c0f9fe66170ae2a16d9197
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9e34a9d9d7d219e9f3f89a65ab0c2c2e47053b786bd577efa1ce2af8153561d2
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
f0715fb1-d1ec-d28c-adc3-29843dbbb8f0
Content-Length
133
x-amz-id-2
iQsRERGD21kazxZFU9GqxXcH7TvwnOpM74Zegq44faC3xJv76iqSfEw3OoDRGhp+6/FWWYC4OhjDRh1W7fQ+hG44Clf1kgy7
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 1B73 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
37cf0462ef2d7c99e83bd364a6e53a3cab43b2a0edb61f2ade221246d99e1d7d

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7999eb42f52dc5fc6f893983764841672b7c043ff274b1ba43e0d2543fa60195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9f1558630608ba8cb6839c9c42a09626ff3ac4cd05e9250ad42462784efe8b42
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
fabe1312-3c29-1847-a70c-652737e9a424
Content-Length
133
x-amz-id-2
QH+9zTRJorcwKvXPq+gz3y4HVjvmsDwcH0Vi/98Utq6s2UD8GpWD+ahy3ivphDHVVgMIyTofO2WLSU0h37srArvo2qJKX3vm
Content-Type
application/x-amz-json-1.1
rid
matchadsrvr.yieldmo.com/track/ Frame CB6B 		49 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
yZwt5xSX64-KFGT-EUCy1eZ3kiAeolWHyjWx6pwmV7PleUCOdh0vHw==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
cb6e2ac6-26c9-865d-96dc-5cf3a358a994
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
decd9604-f5e0-329e-837f-e031fe208efd
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
d4db94a0-9102-d9d0-8969-e2957d55b3ac
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
e65b6563-0e1c-a36e-bbe9-13568b8d8ca7
/
kinesis.us-east-1.amazonaws.com/ Frame CB6B 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
243880bb2158cf1464c853745ed71f165f741dec56ffa6945e62909097669283

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5bad5b507492739d245cd31161d8ccef7cab397efe0c36f6df2dd9022735e889
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
db400132b8d178a0fe80a800bb84d30e1da85b464b2b5dbcfba2559c04e4a470
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
d439492d-ec0a-5aa7-898b-3f18e7cae6c4
Content-Length
133
x-amz-id-2
1GBWIP4xAaVcVdbmnEYWunhRYSw5YH71wku0xt1peWR1bx2oWUP1+sG+LQXIt0x27jINS37WbnHh8Efv6wl3p58l7PfhwLLc
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame AEEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Oct 2023 01:48:37 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
e48a7b10-1b26-bf45-b938-0d25f771d539
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
eb2e8305-c1bd-bcc1-b69c-f530cbd26d49
36.handlebars.js
static.yieldmo.com/sdk/template/js_a/desktop/ Frame CB6B 		210 KB
62 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/sdk/template/js_a/desktop/36.handlebars.js
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14fdb30698fe1edfbb87904d8edcda380e8ebd520ac5725c2e9673b4d668c680

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
L6Tqfoniwn_PFcZ3MDtVf975NdrWli2G
content-encoding
br
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 05:25:18 GMT
x-amz-cf-pop
FRA60-P5
age
73400
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Sep 2023 15:41:26 GMT
server
AmazonS3
etag
W/"6ce58e8e92e962aa1c2ba7880bfe08fa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
pVNPJt_9BW14_wB5jUw9L4pJDUNFLXcUcV3W34eR58ksRdP8cgwcUg==
/
kinesis.us-east-1.amazonaws.com/ Frame CB6B 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
1c3255c44b60ed600928d2a9c0fa10d94e71ac0c8fd6cc31a81c5f71ba33bd63

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b6646ea98682f499291824ec9db538ed3a6f30e5bcc0e74741c9c5a9381aa915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
2e2533e9e97366590efbfcf879e63aa4ec4a56675e71f589708620d8a9cde5a5
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
c68d9bc2-33ef-1217-9b3f-edf73980c39f
Content-Length
133
x-amz-id-2
CR9k3QyC4DmsenywdVF9mrcH3+u9h9qrn/AfEUZt1IhVAHKYaDomPS6RPGcJvRf9kLdErGvyPlBwUHJBXzabp02z9RRDOVJb
Content-Type
application/x-amz-json-1.1
truncated
/ Frame 1B73 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a7793d8d477731e8a7b88e9f43844c9b6c973a3855b1169a6ac4021476dee13

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
kinesis.us-east-1.amazonaws.com/ Frame ECD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
f8df696a7e49d7b1fa86b6dfb37f85ba92a3cd90329dfecb220e67449f779dd6

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=19d2fe73020f6652c3c207d94831f098ffc5fd64a819122ba9b6f953d75b0f6f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
a8cfa8cfed2b612c3b698190d8a39fd65490aff75f0e5e089e317520043ab120
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
f267fd11-b99f-6086-afd5-8b2435c55b25
Content-Length
133
x-amz-id-2
vHqq6F8e9lC3V9Q6AJFCNWCwqYa+VWdmd7A+BJM6fVbGo+HevuZKJVOwvFLtKzqz/v0bQnyPADpp7kLBO5fO0jA5h/Yr/wVP
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
e068de02-573e-bb06-bdda-a837db6480a5
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:37 GMT
x-amzn-RequestId
c3e8c398-0bb7-c8f6-9e5a-b5ad01d8197e
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
0a328b53b11be3e3bf3a90c2eddb341e440eef9e0bd6f09d0d6fbf165332e8ad

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ffb43a8d4e6d17ccdf52ff6f36808736d7c0abfee79c8f77629af10f42ace8ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3215ab0de3d5266f07dd4f4b5a9b7f353ab90a3a4bb0d875ba21899f2c287276
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
f1bcf5d6-f261-556b-ac0e-83e0f80e84e3
Content-Length
133
x-amz-id-2
NU2N+VHwrB3hSVDpCaC61Ja0UMrPzLwrNO1gn7a9O4lHk1bbxoB44r7NmLqK+S3HsHejs/hvaSvAVjn7DiOTPDZGL/9T+vHy
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 79E1 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=9020999600708608140&plid=2521236318193655889&pvid=3391854045410039673&fmtid=52&e=16&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFKqkRSzZL--uu7Ik7TBKU6aYR1ihBGETBEDXScq1Hs6CKnbtSES5QdNP-K6j1Xr8Og5kd99TgnkcOWnHVyXEOXKKWvcXvl-Adh3-UKyN6pEu34u8sLn5NnnxgaIh_pMCuSr37Lvwu1HkgwmXDCGNGP_Aj6iPzQQBwKSDkem8AkNaq3J7n2m8owSvgONuDQhbxZ56piU5qxfxsu3uoLRoa4O5_4JVI1MYTBJJQN5k1QjQ&offsetX=0&offsetY=0&pvt=1698198511013&stime=1698198517900&etime=1698198517900&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:37 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 8A9D 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:37 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8A9D 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZk7sBFZWj9JicOZ4wTJ6NgdelHpUa4m86j7nG0E60TSMmpAPZaTMVlw42pok67iMGmd28N5bRCP9OMEaCU8DU356WLg&cry=1&dbm_d=AKAmf-DUxTkdTzVkDumBN6mzGdxZ3_VDx5emFguLilYPBcwEV7LOelew4Md-SA-edJEelUBNIBUyzP7eHMMG1dAEZPQZ_oEgbQ8LEzDa6IsmddiRWKrWG8TcMI60UxuQiTFvSPZmYcrKtZUKRVeFLMwEZuUZZF0_9o4PC9VKs0cdP9PQVNoJlUYA-e-STPsZuag4S2hGlXqlifPQ_vcz9NpkECx_49kz0Hd64WoxvlqoWWTc9AybsampRdD_T--Fn8cTd_xHWBpC0fE_a0UCmOtLZzl2ac8FCqf45WU5DMObS7TisoQQs3fLFP1adqHqs4NKvfUjmG2UqchH0VdMN4v-vRkTNcmfYCuAPngvMWauyB0WqHVBAtwM6FfTt3HeSA-A-T-cS-JkGiR-2H-a1Q9eGC0dvxli6_bHHYNVsgUkZkfJH51wxDscc8N6WXIaa8nUsGDsr1RTea_YTC0JwlccCS9V5O9l_mwhMeX5cHx3VFvp238uV8MREpc64bhiuOqiIXT1EgettZWjdYpWCsk1GjLm_OLeSA7NMt-B3VWBVR0QUDNOD_8mYhnOQEYm9BLOxY31b6vivXk9dUuZAgFGeIKb9uQwea6nOj9fF0Rj3nVCtdAInZTMHe6Cg-MA16dF9nMaVqmwowYz43pskODCfioJzuGvV9h1Xj-8jGI9HLaq7iHC9kw00LarNLrls-6yHS02eR77KSx50Csv8GVxrNi8j7m1VsMWO_7LzDLTv2-KAMY5hNZBiFihgetONxBwGQUCN4FL9RBeHvBKGmjPP_U58rrFkNgaVGkPM90y1K3h7GYJHKuqw7QmJ7SEiJL7QLTWPyrUpzqmuF46Ws4u3t0VPerQCcpUWCy3Ka7EKPaH4i2XPQmDeUfj-8Gbta-wcjT3R_DYOXq82dUIzox2kd55LCdmDGqxd6uE-B34RvdxDcfwwrQUCLHLBaEA2aLEyXM2zYioWZSQku3l2Lf2-5O4TfL6aPQHJeHA95QEzovq8YH2ARQLq3VtBSomiwBY2IxFjjwEwmHRVxAfY3CNGA4IqFd5T16YGCgrN_OuEl8RR7cqj-nUSbJoWrPzMKEmn6qeW3dY9lQ1g_k7TfSIYH35zObQs0YqxPxhJwrDWp2dGrdOsznXOaaXmyYEa7R1dbpJobQS2YBKHp0zondw2xd4ip3DY5suTUivMvHvCzrqEp1E8GsnEM0Qdg_inUPFU1yyhbY6Wu3tgTQ64dRj2dtWJTsUFQ6c47x1aPDXbNqE93_79q4Of9wKhFiw7BSVED5ki6prx7ZDsYo_7YX408Q8pezvQm3_fCzvpFuP01eETKSt3InvWFEiZFo8j4gkgm7huBW2PRoyyryeo8fSmJM_8reJrNSfov9t6zIU9KkL7cIFGuFsPFeXdrUD8jD6LPmgp5mKQ08yDU1n0EqRiWl_mUz_dV48lHYkyd4zrH7QeeA2p-BeY6762npT8JjdyyYx7qNpUYF1m3Zos-IF8TJ_0RdoQYKIjZ1uUwy5jC5njtngr1OFe-0Tys8Q4FO5l3mIUQtz160RPzXzpqvMqvNimVYVK6lqDHGnfkZfhVu0NhTuek7y9kgAuWCZ4YvkIZG7gCRKTCbgxdwDyzl1rVu95NUrUTFDG12u-g7yizoc5TJn6tZdmnBYwpxgzbBDbXKO-Wwyf65PeLkgZDrGCbS8D-wJW0ebFRkNwPgO7Y0AO-xZvpvV2_pilws1UFjoZnlPWI0_W50waAzc3d08HIRiOPWdS5IqmGIPhBA6QyUzmTCSeUlcF3yl1kgtydNAUziauQmlCyZXwU6nfbxC9rmUETnVlK5EJX9H9lo3ByHXYYHq9A1a8asRpx7eYKMBJwkQSNs8EHXfurxgY_sT4TBj2OdxaA8XgYNW-In_yhU6E5CMXgAkbiq2Elr_gLaR5x7x2WEzff-db3hGP_-BztcpPrx4QoFR_ZgTvVjoLjzrbftZOmVN1o-erdivf_E5m09tFKZ6hlcrZk2N9DhSHORTB7IS5gg7R2FcG6kFIOloPBluxUjxK9IAkWBvWPGGU9PXHKRNVUHkw7EncoXXid5vFD5XMK2_S-oHwAFMVxYauvjjaJFsJeNtOyQBrDVasSm0vXyv3BOZZNQX9Y44COKEQQEwKO-HLUxmc7nboJ8vftdGbRVgsq7fb5WfAPBKsnz7-McdiJAo3tqzLj1dWkDlyDS2Q8xj7Xg-OfF-uPMayLz2_jGEOtOHpBqrq13_ZnEiGKA4&pr=67:1.673732&cid=CAQSMgDICaaNyXHD-1ZJ_UbOEsZFVTgUmBJDWELwkHXHOidckzXaAkwkIrY9vsNnlz3Jlu52GAE&dc_exteid=31326233320498472192523593767701809&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad-choices.svg
static.yieldmo.com/images/ Frame 79E1 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62667
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
_-GsBA8PHJDnEf2u7NWGHkMcmFzodzbr2mlECGI1XyKZ1hoamq7Fxg==
5909135346386734207
s0.2mdn.net/simgad/ Frame 79E1 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame 79E1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180797
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
p2
sb.scorecardresearch.com/ Frame 79E1
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=ed000cc26ecc6fb9504d
  • https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=ed000cc26ecc6fb9504d
43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=ed000cc26ecc6fb9504d
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:38 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
yVq-R8vISFc0YNrzkuNVhrBCimNGLr4uyaMcg2iUXfO6aqbxkHHylA==

Redirect headers

date
Wed, 25 Oct 2023 01:48:38 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/p2?c1=8&c2=18969557&ns_ap_it=b&rn=ed000cc26ecc6fb9504d
content-length
0
x-amz-cf-id
A3K2tKSNvFFvTdEA7PbQ-bXf0Xh74EJqT82jU1F3Q4WJgnt4IzrDMQ==
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Wed, 25 Oct 2023 01:48:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
kinesis.us-east-1.amazonaws.com/ Frame 4BA1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
caf4cf1dfe95ab9703234baa422fa8df36214e44ca925267324dbe6edf2b1ad1

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=754ecc083ebb9f59c08655fc388c0a8e979210d530e94eeaf04c13904d4bf5a4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
61b965bf3c2c9c32b585ba17f1401f386e40e3fff32e4619519ba86f6c47fb1e
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014837Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
f6372ddc-247b-59fb-ab85-5bea2fbbe598
Content-Length
133
x-amz-id-2
Asak0/pb9AP04ri6AHRBjZ0Wxym+4sEg06eHgeauZWZc9tBhKf+a7iPWSDeIC7/ofOrPa2HxH/tWv7pR4lDYmOLa9a+HVmIC
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
f93f762d-9217-1e30-a48d-001b99d7a253
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
e93d0a92-eb0d-39c3-b48f-7ca467570260
/
kinesis.us-east-1.amazonaws.com/ Frame 1DF2 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
9427930f7ded98876f7ac148f5dbda8d9c9fac56362e0fefa6a556b7e707aa01

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4c8670d18533c4e4b3aeeb080d6b3b805053c5e507120ef49f1d0302c067f7e4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
1094d2b38bb867cff33a523401d57ab972fcdd345a796a61a0d6934f069d10a9
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
ccba36d1-2122-f803-9108-40e7ad78c3a0
Content-Length
133
x-amz-id-2
m35MpC665W8iFD2cJ/Lf/e5l4NuMgK6jX/ZoEUXkqhifBZmZjNhA67IasIZDzJ35Zs8nEdzn/1QoaZqK/dgu8Blz86cKNzNa
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
e6b004ea-101e-481d-bb02-72dc1bdef47e
/
kinesis.us-east-1.amazonaws.com/ Frame B30E 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
ed6ce0b9a7d531ece20ea2899ab285c07a3f255b758cd2da750cd209eb505638

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6722ab8f94564171332e97d91d720ccac1c6e9b301e75d3cb0e112829c6c862a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
90255cdfb69fb5dd859ecb941338a56509ffd1948fc4b036e3d52c51cab04305
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
c04ad2f7-0cd4-4d78-9df8-a4c10714f11b
Content-Length
133
x-amz-id-2
8rN5Zpqid0TXDFyZk/HXL2PIjo7D6LryDJ0nQP76V71j81ntAzqGPXNdheocdsObnhQtLIhLmSslJET/uYUu7S3ajiI3GYLP
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame AFA4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
8351a14005ddedbd12c2f4871a656945ae0d7bdf13ca20e02621c59e3ce47ca6

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=84427f49076479dacac893758ce3b6b05ed38085264a229d738b366e5b94285a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
7e6cb8a76f613dc8ff93bfa5f0bb30625a326e05721746a920717dd7fc5ea6b6
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
f232c65e-3708-d6ad-af80-b0683d670725
Content-Length
133
x-amz-id-2
2jTBpkFCwQ29TCQOUda35i0CtmjJs7p2jel28JsxvE1r9m7qf3Cs2Jaz6t9BrTNE52LEYE27g3rEByJ2g1bMAd4xFvJ/SplG
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
eef76189-7713-8d8d-b345-17bf7d7c5c05
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
d846d716-bccc-0eaa-85f4-a120509b64d6
/
kinesis.us-east-1.amazonaws.com/ Frame 04C9 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
2947177724ae451aa2f9a09f6a5ee6152f2e79ed01922cb8fcd89a06a0218603

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8774a8e2b0c9daf7e5b492b544738bc886a71dc77a9405e08b95fcab20c578e3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
b6d5405bc3cad700c32a89865fd6a5568c44752e571711c129fb9b0265dcfffd
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
d7ef41f6-9d54-8adf-8a5d-37c07103e0a3
Content-Length
133
x-amz-id-2
wklQilWBGZOdHsnvbP1BhJufvLH/RBX9tKO45XnGtvQxFZbGQ0C9xI8qXOP1TWsz3DdAMKT/PojQFDIkjVP7vFqdRrrUQDTT
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 2196 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
6f711c915fd97457830f6e42246d024e9e5daa1133d8ff94b8cb0be13551bbd9

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e743367427b56301e895919441dbed6fc0f34dd9017b863747447bd2b375b12d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
7b6c0915ac62c8a8634990cb7f9bf32180197d9ab8ac12f8cdcf8fa7f4ceaf60
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
fde08101-3b37-a59b-a052-f73730f719f8
Content-Length
133
x-amz-id-2
WYxe4NpYLnduk7dbiY6/ZlYole0VEJ3GTY4fAIKBrKHqVTOLP/96YJoiX6Iwum83f3W4WPNaQtxWoZ+zq8060+CowdIRHpmS
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
f083b43a-4105-d5c2-ad31-c20c4ac569a1
truncated
/ Frame CB6B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b155028720badafed621265a9c063642f6562c986c451a09165545b25f356449

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
f2bd8fb2-19ff-298c-af0f-f98495a5122f
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
5425256ecfb9d69942d027953b9ecd8d497c865f4b8266c2f8ee115caa0d215e

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ece6e9a25f889d78340f5896b7c563014c9cbc330dc0fb8a937db1a53a3af915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
29b87d44ccee6b79c8510c7d7543766295b502b28d05e13ea7be78e61aab540e
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
c2ee1e5f-a706-19c8-9f5c-68692b5c226b
Content-Length
133
x-amz-id-2
c+IZ4t5a1ZNtMZySGDJffdcHxetFieo+RpuhjBjgLyB0/oWjtW7Asxnn5Ykeu+zRYEgkCKVKTazD1Ax9WSEV84+3cQmSDs2Z
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 79E1 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=588&fver=5.9.26-F36-46-52-54-59-B491&imp=9020999600708608140&plid=2521236318193655889&pvid=3391854045410039673&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198511013&stime=1698198518478&etime=1698198518479&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:38 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ad-choices.svg
static.yieldmo.com/images/ Frame 1B73 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62668
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
4-AKrch45Tqa_aXJqj8OuQ3-uFFtsg_AzKk9smHEwvYqQ24ovbJaSQ==
5909135346386734207
s0.2mdn.net/simgad/ Frame 1B73 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183784
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame 1B73 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180798
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 1B73 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
15f8609f42e7b1a21e305a4b8ec18e4d5608910b1bcc84d8c9580947125559c9

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f0c326649f1e882fdcaf763dd8e3132cd3f16edcc957e49b81aa7c440cc3d81e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
59e47f76fae5c1d08b01f6e44d9a4a5546059e770f83bbc6655383f6555fea8b
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
d15eb01a-b94c-0bc4-8cec-c62db28cb7a7
Content-Length
133
x-amz-id-2
ZQgITpXWWSpmtCabyyahOJMniaoMGEzkkqz9zHSf3fG33RZ68qYCnPihOqYiW6YdRixHDLpbqpKbq6xsEwcrp6++3EjVoGka
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 1B73 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=8491056163408216296&plid=2521236318193655889&pvid=3391854064317961638&fmtid=52&e=16&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFKqkRSzZL--uu7Ik7TBKU6aYR1ihBGETBEDXScq1Hs6CKnbtSES5QdNP-K6j1Xr8Og5kd99TgnkcOWnHVyXEOXKKWvcXvl-Adh3-UKyN6pEu34u8sLn5NnnxgaIh_pMCuSr37Lvwu1HkgwmXDCGNGP_Aj6iPzQQBwKSDkem8AkNaq3J7n2m8owSvgONuDQhbxZ56piU5qxfxsu3uoLRoa4O5_4JVI1MYTBJJQN5k1QjQ&offsetX=0&offsetY=0&pvt=1698198513267&stime=1698198518681&etime=1698198518682&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
f43f4411-26ed-cd8d-a98d-32262d2d71ee
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame F8A4 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F8A4 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dk2aPoOzHgas2cPqOL6FJOp4-imu0T8OkuLXDQvc1D5eKgqBsTKHcTnzIwwsgViFWEKBQiXQylQN7Ff8Y9GYMr0gfT6g&cry=1&dbm_d=AKAmf-BFkDziHAyu-pr4AK4RQKHL3MT-EH5pmDsYW9we9hWB6ZkFda9yqBrao4Ujw804MSWlYo7rkxDnWsV6nc-LJhgMes5TV8BkVWJBxBlZ2cXgJSKhgY7IlPkl2EhkFSk94vCj46NL18A-JFOSpa9ZLNzoP9rLyKSUtzciTkO566XEWZf1itpDcpzthoEP2s1vk4C7J6ghboCTDuKNVJQEHs5x3IAPEsRpRRqLDxUstC8kZrSSHD5zMFBYkKYwcUjK7B2BZB_reVEo2NpWfC2LgNqQfzfJ1yqQb3ax3cW6EB_BDJlOrC55UwhFhoKw6MVsTVbzHYJzsbdf-owcdShb0w6CXWRQ9siAc7-De3lA73OShkaU_7hvVZYR4UD3TP9u4y3DTG8NIxHC9bDgVi7KD5D7ldoYDbzyhfE3uQKMI5GPGHTZ_u_ta_-7jgJZaS535uxQPxhpIQifXPrPOTFIHIZzmcSccQfWSxKvGQCwuKZYWjNfA3wMKL_Ca8uB55uIMwugeRH07OqEjFRc_K4Vh1q9HfNn2HINXp1bwvWqSHg6c7ZbCrG7Iyoo4TKy46Q_IeSdabGve3XnDNAQK-6qwWimsgdRPBXOQgQVSvpqA52WVw7dgklzgOfKZ640dB7fJdMc9-PyIJIfz0XIkl_9qxb87XJfCVT3Y8Vg96v_MjEYmU4PuOb0ko-03TeUBVCq4kKfVNSWayqP4ywiGA5vrYIm_0xReJQ8emfBVgOuaTEqp9jVHDDd_Pg8_mlBeRiVMkItWWysvUabozh8Vj_-nbjMBL5E5AGDglyk9Bj7fLZ6XuYgBydJOMFNnjdnyVONGEEP3JbfcTqVeeHeTuKWC75VpY175IxkTPooT5QyDkej32K-M2uB0-299QG_Ot6GMwziR8cdJAlZlZfgqLcvVgrUOJTOD2G5bnhtcLoO5cNGf3oJGwxEPphLWXWH8PR6T25TlSPp0kjtvfy64T_NiEVO_-C6ZW4IEQiaFjE526-BDCAE0NF-MKv8jfOoXydlojasSQJHk04jkfTIqwcuygXe-jKR1n5v7ABhJhaSMsFJXbaU55wjg1meIz9V1i-bDIGq2DaFGuVOVfJXeU7F-Q5fUgdQC8CyIgQQj8oH-fv2w-TyAlp6mmLRQdS0G1apJPc5t9KHSbkfg7gKnVzP75ZOgS1WiqfWetYqHVWLNV2-TRlMndBXsyvZzcM29yFnNyYl7iziN5SCy7Bpbsj2chwQpEtwN2UwC5Us9PhoM2twdcZMwY8bP1dv_xuz1TxOyCtDoPqj-YDrE9tNWYmIv84H11ycyOcMgfhVRkWQ2SCBYXGK9ejNOO0VspSsn3V-6Q26882ELlLU1Zgp1VlZ9QM4odkbIDilslWw6XrXqVQGX7VlQy8OmWUXacq3zAo8PEaxSbpX1hZb5w8goCA5V9MMBj3oBzRC9xf9ly-GAKMJqOPCtJvgWwoNeBMLY4yi7544p3qCb5fvny0hSn3HbG7mPdme_2-i-J8d36AKGE7Z6c8XUZDA4AbgtxXapUOB8BN1R3981PNmpA1E3sLAhur1q2v3rHIOfCyxqPHQ9-_65FpObNwCTV-JGjd57H_37rsDHBNr_i_cZuXa507C1kGcvDSakVX2HllDNWY95ziw5mW6PPsvCPKsHL1kh22zpCuYhChza3UEYGW0Uza4hsFpvgu1QdvYJgXK_6mhWqyVPBD_h_WqpuZj1BDThPU3yS9zXYZN5WG7wMk0vGwZqFjKbohT_l6au24h63qGeexg7cPXhqZo_OqEyrszsiqB5QeRSPjZ3b2c94-5aPuiLer9rppi6dmUiudK2qB95MXrb25KBqf2hANStoUi5Y-HZQDUbuYrTWQSp0YdEgsmxhi77NXQcpzTXp269_Q-lCGTlfD5Qoivp3t6Ta_QwPcJWbs75bJ471TvKGcW2wNvVjibHF1C8OjOn9haBYz0s_wpbASZF7F0PTuCd14rbhiqBNOGPROjulKDgYxR6OZH3HQQ2-2hVXPU80567THIK-1XqDvNE8AYrS7SyFo_WJGKZ9FC-pfKKA1NpKGLP31J8a9oFkVdbxtV2VF0v8pZbHJAVhQjvEqLq2fBcdzRLCerwMwhNWF-c7AFQgJWT8PBj9Ko-z_peElO2BxTd00uaOuTm08MsxrC_szF4QDE2a0qtM1YfegCchWUIYi7EkRPnSnuOCR_N01ysTklYdR2H07avxiOgAE&pr=67:1.673732&cid=CAQSMgDICaaN0pa-sbDeDSf7x0JC6yBNqMpa_JlG04-aTwLp7m1IwrCDORY8pSNE-lPEmv1HGAE&dc_exteid=31326233361655482180212476307121839&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 1B73 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=b69348be250cb7c62739
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:38 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
MlEKDulLA-wItFxCAC5FN-gu-o4SJdKKIyiwHIiSb_aVe8OO1Xosug==
truncated
/ Frame ECD5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddcb7fa0c15b640dbbfc3bebba61aa02ef0b775d2e9451a1df71608a0ff8c3e9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame ECD5 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62668
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
ZI8sGmkCUaHHf0WlKX-M2C_XSscJpLi9o7tJSS6HfxR2ac64wstiMQ==
5909135346386734207
s0.2mdn.net/simgad/ Frame ECD5 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183784
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame ECD5 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180798
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:38 GMT
x-amzn-RequestId
dd407c7e-9c9a-20d8-80f2-0a4810c01b7b
/
kinesis.us-east-1.amazonaws.com/ Frame ECD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
b004cda7bb6da30811d9b7e7882d63e2b504dd30acc6d8b1ef5a4d096d51aa1a

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8762779bd51cbd3b58d1a613d46fe8542173101e74b7439b45c927f494330395
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
0425335a12027c4071853689704b46606c6f86b78ae970f16eb8b2aedf216d42
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014838Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
ce0e8f29-dfd7-ab74-93bc-f91e538d90d7
Content-Length
133
x-amz-id-2
0GLOyEuEFk/PpRi541CikR8jPBB6RKXU0/B03i8u9j3eHTX9XoVyR0nTxY2ZMMXU2GxhHLXIYRq870dmXX5oJLCMu/DkVTng
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame ECD5 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=8620885078136118730&plid=2521236318193655889&pvid=3391854064334738859&fmtid=52&e=16&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFJ16pTpAZmOmnyoDAike5KHmoKQjP2O9SgRArIqrAka67XTEweHtaxaAbJr8qNCpShDQ4pBG3pTdY4SlDmlqWQiT5VkEnjacVXpL0fd12d8hCxtAEAWjRjj1qfqvvQ4Z_Ryblxu9ms3-SdvwY02DJi4dWs-Sd54JwHAazG2rnzHJpILfq1pZest1okwFXZbCls8qNu2qY0325nPkU7Y46MYBan4L7b5UZxXhIpQJ7In4&offsetX=0&offsetY=0&pvt=1698198513269&stime=1698198518881&etime=1698198518881&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 3CA5 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3CA5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbTAsm6QM0H2qXpdJE-N6jfJnyH-ziCpVWph4WXNA0SpT9Lc-cy1squ936R9_PCnoLsAAKMK8ofeLQBs2MDHoopcN_nQ&cry=1&dbm_d=AKAmf-CXWe8EedFiBo7kr1foxWobGd1_KjNXt--NlMhmH0J1F6F9PSvcWYUbXrLA-Dm05p5q9ta3CK0n9STV-y8Co-klCiEcFWUOvV_bKb7pKGuqs5VCeuArg8Z9eTgjenkc6DxzPWkTTkaznqWhgPS8b6jW6W9TotQ_MHPTc_G3txEG3lSj-et-fwssA4q8iDtjibRYTGPMLcNYzihmlBBEQipeoDIkkS8J8mLDnp1rQY5Slbnwxm23r5J-ahDIZUfDOfyKkuZqn3V5Lo1R8SRiBRfXUQFfQ8HVdyLDVxYM9eqYxjU2Yaf4U5ZRGEoVUHnhAgBFoNPuoWi55yeKE_k5Fsmv80JPi4h9HzrU420s7Q5tQ4lgqDFlrOPYbHaKP0eJJRYNf5GnyCi76-4hIQbL9G5t4CRchQfpT8Xe-Ai9IScTttvprezRckbu2gpJhCucAkvyC4acKGbSYaD9wUUBOuUQ3OjP7FEhZ3vgGekRBuLPOl5fOXtBGl2Q9BhQmiHOKZIdTxA4IJetzxwHg2zitMBHyHBpdhu_WBcS1R_-vkTzeDIidzk62Gik5F2P1PcZnpRBx2NI-E-EeCCzFLwXoF-RDHXP0LiNA_8XRaziOzIBZjpYmGUpz763BQ77y39HJYjCw91HsXy2nkBS3Cz31DBZPOGgOziEGn_cdIVBToRnDnAxsonwYNMq3_nEhaDOyAo_hvxQsXFHhz4p0tXdriIKMu5c2fxhBHcRbi98zvjySP07fZ19pWQ59f0juFVHOW7ZhgBLweEYzB05C0SGDgf4F2dyu-rJV-OOmZ6JZFmA1rYH-G9OW6FzV6I3geCsARQiwNxzRpojjR3cpVGcf4nPt-fZ7DnE_j4J2_PIPf0E0_uvZs934ngfaKMQMyvhDvQG8qYMVJ9eT-o2y6md1IE8IEgGFBB4Hv8b_tNndCSFuv2Dg3E1QYkaMjuyJcoZzYMwUDoZsKRG3eW5vVR43n6HOgVBmyTiCwkDjVRsCKx2dR8yu6xg7v9Dq8AvKSWsij1iDlsFSYPq2Cp0uGT1c6c45V2CcscUkwEUxmUvRzNRzS5-WN40OndUA5kt6qGZaKth8D1ZxNN6UiR75a2PgpIzzo6MoJOtFYblOHXRF0twWUqqr33SMqTEsGWutsjvWlVho92OA1ThYlmm_dslcIjPgC6R4-kmiMllJlPkw20XIcBHdS7GV5AP3u-K3wTQ9GC48bnVM30sprvuCQcGV3CrBokkkpvuZD7P1avifk0kMmHiSQMboo9UkpHEXuD9b8ANpsu_g8FE3qHholVp4-eqj61rs-K8L3RG9G4yqJHGqPzEB4ROUAeCa-pmQwnSDZMUsQXBZbRo4wANoEW74ziJeGe8CTtRMvvoz902P039OJG5ea3gGkBEpqABj4y4SnhTdTEzPtd6FN7BRJiUUnvwerfTeJUNpfSh1YfiAE3kmxloAyhfNz-C9J8QwynIOau5p5cLUAMfUmSxIwveHaaBvBlRVV2xq3G_e8uxr4TNih42x0QUckkzaUuaQbkgMWYFrq3Uh6GWBBqtZntP21cPcZs4T5ovJvqza4Gs18ZFnvzZRoWZcBVf47OcJddbAo6T-1tBr5ftp6GiWIO9w1rV-JivEo16xtXeoDGbba0OehnIqzr2q0ejHce1lfElqvbe2E9tj-fIMXSQHkI4_tdKBTngkFFP4nm6YK_9LArrvf7DpkbygIwDl314LjUdB1TDOmkr_Mis5zbhgK8GORT28dszTIJJz0c2jh-t3fRO-OiHa-xmdwSE9vVWHshj1FCv8KGaxg5y4Be1kqfu-WKMhcJXG5wUbShaYXrj0lFHIbQLndf0ac3gdQQ7BTooajutUaBJ9l5gZ1BZSQuSij8uCJWPv4kUFlgjH8sXwnxrnwge-tURb1hubKq3rWOm6iujbfqyNTPXtjykTSMkswWjgxQyPg5YL8OiV0wd0pREkSjAqPOWxm42WlBjzgxkyxlJNQwX7GonACSsA2eqZcQTGZ1ntdyMmXfz9XDDAeDBkjHXvfqTdXeF4-D3PFAF9C8gFY8apyEb5MPmpV9JHeWJ_0VRqFdpUXiG4WSOldGU-PSu17OZPZCaljqfHlmDuhAhho9B3KbRJMZECRWxT3gLwhCj5o4VBbUU6g-fFw19kyOaRnP3aTRKe4N9HvAfNTGqXtE4r_Jeqo17ipp_mSCw6q26PPB2GtYFtVxbiBBl_-AmQuINV9bRE3UFsusNfqXYZ4ph&pr=67:1.673732&cid=CAQSMgDICaaN7L6omFKz8z-D_9fJ_bg_YIUlVyx-5FBIaiGRLUHw3GozVNq8E-8SqkR8vQNlGAE&dc_exteid=31326233361553619591912537781777981&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame ECD5 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=9489442643f2d7223331
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:38 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
3xrN68CMQmc4vHqXXk3OqDMs2hz6oGyC1x1GaOdqRbqABjckHNjlCw==
truncated
/ Frame B86F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c1203f1006eb45335b4586cb02cca3d2820792f69b88048533ffe66ecb4f38b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame B86F 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62669
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
BjfLuu-hmuFUEoRZnoDiK7LtIefzTccw1cdkpYWaohvfPNjcCv7A6g==
5909135346386734207
s0.2mdn.net/simgad/ Frame B86F 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame B86F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
c06f0d65-baa8-658b-9ddd-7b52b168d9e8
/
kinesis.us-east-1.amazonaws.com/ Frame B86F 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
d4fb8d30b806e653e96973369d47877d350c9e701d91cef0e21665284e6c0ffe

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ff0e04986c3f8a3b3747eef7ff5a152203a5e6786a9cb0f22d05347cfc2aaf4b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
5cba2820334162da85311f50a12aa2fdfdb98af01a1bf543330f409fe3055c48
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014839Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
e80470d3-aa42-e89d-b5b6-06e4a18254fe
Content-Length
133
x-amz-id-2
3r8B6l4yhSpPPJFEkpGDq9Xr+/y16pvYGXQ89fjD2TL9C6wsLZpxK40l0Xex1GSe5TDDi36Hgk6obZeG1Z9hM74I3aHKyPXJ
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B86F 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.27-529&imp=580290357895281548&plid=2521236318193655889&pvid=3391854064368320052&fmtid=52&e=16&rep_meta=DpuWrUB5uqNskCOgZkDMrDkh0Cu_rPhFEcWkhA0R0X2wB2y03_7mwwvTbuCuKkJ4moUOUWetiIXvwjfjcxcsA0ig31XlUfm5C6bMXY9_pDTK8u_chLAay3CTQce4L9Okwu0UN0gxh_sND7PpQcw8moIRNusGQ8I1uc031oAjxzAf1ta0kr67WHFXB7s9e640jSqa7Pmq1Zz2de7HGFsUczYeF1gf6OfTC0aWOWKd9Ho0iLMUJ5ZvPMENnqLwRG_wzVv8hacV9Zd17DYLm43M8K2p1Aggng9Ej03adikTv_7ujm9rkeK2gtZVRGrDqN8szV9XC-r59QeO-C2wkfPxgUFxXLD6KB1Xqm54RVSZyHWaIULGYhvXv1EAKGmcT1q2rOJFKgfe71rzt_KRKGDp9sOJ-J1SVtpvKtIvrGzpNz8&offsetX=0&offsetY=0&pvt=1698198513272&stime=1698198519078&etime=1698198519078&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame A47A 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:39 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A47A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMuWYUNex_BqfqvNKc0zzJrDEiRqsRAm-76zpn2ELZihO5nkuyzw9gDz56eCROv1GgBhRiL2b-UBrF5PE9mOKjbDK5Tw&cry=1&dbm_d=AKAmf-CSP5eA0f7PEbiJ7nq3A4kflCdweY16xI66BwUuPFHQ2bB5xH4Fcb7Ety82W11sHQc-dDyypaaEIUxujIj3zzN7pD6TkGEZ__0-pBsYhOrVHHBjOaj2_3DlViP4QMBp9KTOJ02ZJrBQEkbg0HApx7xcS3M5cDSQiBv5_SwfkHsaZFlZ_8lGjyBwZze55rL_Qi_TOtNSMzvLXdGW0UYojAxaoTwgsAGQLyyD_V2HHHHM9Bxg-yKxLBZzXFIQVL-XgKnG-morZ3XA4ZYljbE4au6u3HHPqAe_qfDxfv2nh9df1CeGf5Yh1DzJyxt5uuI3vgHHzoj3lTFl86It4140RFR2OT0Lu7zrUkZt4Jdh0FUSvWWbNhIwR6yeWHO8a8mgSCsMs8UXbz7JoGVFjP3kHylh12pWQGvVyRd6lUrp_N-Y0kHSIdViTlXou_03ShLaHYcWSmrHDrN8INnxpAcU0_Fv-muRnlE6FNRc7h_RV3y75GqupM6fPJNZj_p7yzPs93dmZIW8-3PntRc7lxjqdVw1TQL8JHJKYe8ekdCecIzzTNelQDjaurr2uepb6SYPdNDXIodYcmrV9sh7ipcpCxQfdnX0Ma4BNbkI7DqeJd6PuitlNmgQ6S7IQ7x0QuLjBzIwc-Ozp050h-aAH9Jrd5DK5Yb5hZrOe780yKnyBBL-eMl4qdFzyeCQTyp8wpqE-plxK7CupLQWWaGw0t5oRpu4eF5buSKtI7_lbOY0s_sC2Wf3IIhM_9aNZFczJet15VHKDJRUvvH1ERNPv54GqpRd6jy4oJ07bSFs91VT5T-P2uNNivDjfeyrftfoPEHz2vaA5teWScPQ9QSN0vb6EzagPQ0Oj_p-VCi08jSLRWiGWN7we4OYTY0krJucLSBdjX6YUbzmlAsxc9RU0CcLmTA0pX39fPVkU1llduoj_Oz2lNfvQHL8ia-TsaMHuJMqJyJh0nASIP0bzX6efgdYyxqBI6EemJgs_DG6N6pGpb1A9P6crHcFAwNUvpHdSIpm19l7u59-6fNg_KPQQtIZfuRj4XPOUnQ00dM_rshFjJgVSmH76bBwOq_V0NkiBaK1fL9OuTd45c62d8ZOa-WPwspP7BDy2ZkHAMtAlNv52f5xMCNlyXeTkbLNDrFd8Q0A5XD1KeYX5qWBUf7gcmMfk4bRqiuzOjlZg1iaTTmF7ZC4jWlQBAGK15KbUD_R-K_sc4MzNwfAgnVjspUL-X1LnBT0qccSTYnr6uMM5Q0j6fVp-USziLIK4W-fgpnnNdXXWznNrbNoO3CTf3X72_BZBRS_hTenL03TmrazcKIySg8zZeRvO2uHmVMeA8LTN_0LWLBUaQvIlIAW4wqSbcYsieFZUAqnaqPWSVP2EanlngeRY0oJaxW6kHLwfFMOlJ9rn9ySu3tCbKYJv5RcMH20Vwwq_sZRjSt4r07MJPCrjIQ0g6OjWJiqblr9DOTZyOJr0-5smeYHZ2lVGof9ChaoQK4d2b50loI5y0po0ix-yr0_G-_01rZHNInM2YRx_Rbhsn6SSlvcnTegqOyRoHuwVrTxiKi0lr3MfOYAz89WIFoBcBEEhPrFRXWjR3wrJFR9ACydwt-YIIeu3zrJh_5jN1zmo44krlDqcj-Cm8DJIUxTY7iupwDASBYXK4GTqK1BT-RputdXF0sIkZJapz1z_pxyjjhTPHFpCE5l000U9v0-xkFmxVTeDpgoJxpC5mEaDV1_oYItHzsywnb5a7upu9_fgAPVmTAp4f-Yg9JanNRmtXbtQuLKeezXl4QSk0FMw7dM2PvlgKHkf6SQlebvyLKX6QQ2tx9Ks-SIfGLzROzedaMwiT-xowaoCqL9luRqtV8T8wff3cqykJOp6KTeO-ISBtQy0hADGO0MnIJkZ2ysNtkP0kfpb1XfFfIeNuUec-5GtQix07J9AWnAZpqU7QUywqUUS9Vwp5zPtncjx-anCnt0ZkVgUcbWAMugEIFngWp9pYoZ1-XdhZSCrPnnXWdRtRK8ktbbG6dZoIfwP1uinU3-m2QSfosqmYLfkSs111vXNUtjmjZEE7i-sU3eo3PqQYAPhQg90Pk-FiaM_Gb8E7ybKPgEMHiq65zU91A8a5mqhyufAStK25tNjyC_-NzJx57eyp6kg4w3kk_Seh8BFhlcG1W1zoff1q75DH1xRAUyAOw2yYWpUVxjVdoaBfkrsZLWsHfUVg9AzOjt533R5Mwz72dvs7UrXtztffcXZL1uKLiw&pr=67:1.673732&cid=CAQSMgDICaaNqdAzpqybLj3B0R8yhRzTvd5sl1O7bJC7IGu-pZdRlrz-szinxuRhCef8diVFGAE&dc_exteid=31326233362076713913606860492821100&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame B86F 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5d747d6a1ec98eb3641c
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
7MrqC3MB9I-cBTKdD-S1zC0ISiLKbDib4yuvRICrlQtVVvY1XGzBBA==
truncated
/ Frame 4BA1 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0ab0ea08142628aea334635db108bda769bbd27be3facbfd058f99ab1425bfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame 4BA1 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62669
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
FsngffMsqe8Y1j0vgd6JVSL4o3AnLoiIoZiJAbVP3ZSahIup-ygR7A==
5909135346386734207
s0.2mdn.net/simgad/ Frame 4BA1 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame 4BA1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
e7288a87-af33-8ec6-ba9a-fcb04364e4ba
/
kinesis.us-east-1.amazonaws.com/ Frame 4BA1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
e70d6bd23ef16460b6c4344c403b92f1e49bfa0906b63a5659eabb7b35343e76

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=3a318f45ef1cb16ef30ce8f26f36c14008f364f09d0c0a58618e3b7b4bffc25e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
bd387e6b498184e234c6f69fbecfb476011a4d9ed0ac33f3d7a8f296a5af00ef
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014839Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
e74ab182-d879-d6a2-baf8-c7b5d3b96ac1
Content-Length
133
x-amz-id-2
sdJTeMvxKE0UhbKcCfe+jYx4jk9TzeuWDNrHSIr5HEMoxiCUpzKwQK1CS7eGVWa60LwJCyQmcsiCjz+9eMQHkvFDYlD2Bthu
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 4BA1 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=3723038705133902904&plid=2521236318193655889&pvid=3391854064443794120&fmtid=52&e=16&rep_meta=emS-yqXPe3EZzINtYqSE5_n_vxmYSaS1uZWWgVAd-ATLdLZO5454Vv7hIQ8khMSakFbPqZtT1ZVvuVmrrUS8PgpDZ0B4CsQXab6B9JuP9dDJ8OuJUNHi9jVr9vo3K8wqohUjdsHnjZUQ4Pl61QW59yeliqW2zLxk0knt67mbGNuNOmIXTBNPMFZar7k1H5Bti-Ek43htT_4idC1iu1PjPaX4W1nggngS1xw2objAln1YEajJPUSKJae8IIBIGobbGot8rgQR-Mhl1GSl2p2j2y5maC2iPX_-4ptqzDd9gWvojPIWpob4M7oOOJLcqMmpr92T__Rcsdro7rt3F1YFAO-Fo9rAkUusujjC-S8JB6lnCeyxL32QjHHT_Pug2IoRKYBZPxKd-dYZot_dWPGUL3GMHvCVlU-7eRiNRLkQUNk&offsetX=0&offsetY=0&pvt=1698198513282&stime=1698198519255&etime=1698198519255&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
analytics.js
s.update.tas.yieldmo.com/2/518423/ Frame A219 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064443794120&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064443794120&bt=programmatic&gt=ch
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5071704af567c2640c2ec53809f1c60170307cfeba44916afa02e97d57d7636c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2688
Expires
0
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 16CA 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:39 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 16CA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlDU5gSpErkkWdgqS9tyC9hlMh0e7rwqtGm_JC3dRHFmEnulpbkrV4CK7JUbTOhqdb1yzNue096d2J0jKeNkr3-eVocw&cry=1&dbm_d=AKAmf-AzXoevDE49QPnXApUO0G96BBP7zrb7oXW3sAiALDLwXa7HF-xOloOFGOsi76nTcb09ir9Hf8YdPeq8Ka3LOV8L5pOeyBetMlfxTK3pWNAn4UuCqMqMNlM6BpIkvCx9vEBjiABFypCG9DLja3OBusx6iekePFzBlSa5ZSUOZSWPeO7NQenbjIX6nGg7-9UtaoofXLutcbZYbnSOZUtwnkGAiA89jvh-c1c01GLzvnVezEg3N4ZdorjTwt97Eoncn2rrzd5TmbSqFyPpJ52cv7R7c2oKE38jR9uUk89XnvZ2NtH3DzERumiPAy_qO3pbcTDkj5N2O9Meiy9p9vSxnzGmKBl95gfvTVfiV4eGJwKz-uGboIjzMwPDbvj7-2d6YrA32CT-zkCjttuyddO86RzXwlxSLIULXS6bKEOXrebn-t3Bp8nXO1FavCKgUbvQeejsNo-u-6g_Gisi0KvO-PeHI4766tJknhfhIOS0jEdKO5JyFzcyT-IiMET50CJWFLGXjU2_XoBeOskgVWbXQo-i87o73H4W3XA5rwVV8ikUHdHoye817QiU8B1x6TUX610U240r31OBvZZDqE6SScAS4uLhecXHtS-Vr8Ua9jWafMYqEP19GWE9IXWNysOcZaUFL5WF6KFmXK5zHO_0zLnWizvbcWSM8DP18d0U0MbnHzJIP5PRUTl4rIyHgC69SKsn5zIQbZI_d8RkYdS21ld1qm-wnvDxn1veFDsoy5BORXoo04fE5n2ybfjaKGZ65UmuQd9IXsKmCZse5l5mBGqN6T0i9X3OrUbe_XE6KX7utg7uYvUwlLncA1mTqC1dFaeUXSPn0V1llM476Q1QA93dcVAmA8Sl8AtUgk54mZ3G7xGCPVLuTZa-Ad4bkkHEjhzrOjfOqaFvkuWAHHD0rUlCWZ5CFyp2_J5EktFpJaRVAb7iRpLrRf54YPG1tSDG5TZUZ6mqvm-XwXzzdwa4iHE3nXzuNXQ-qUywJ1_OQevGMPEk-vlcE-mKmd0L8f5PMFjL_794XZEuQlB7oVeG0GlfWba9UGqhkf3ViMJZKjQMJjF08RH5EDGS-w_MPMHJyl2wUX-aMyMOOaPbYsvFkq5ZLg5ZcqP1GCdE5KwvwzkXWimCNGoFDCfw7gMmO7k12zhffxNGqSVGphG_G_fDjqmWRRvOHtyGQuySjtx3YJjSJWp_GTKdbeA9W0O6gR1y4_gX_piyETVkbqNMSsSJPCGXv39nY7xdRKjdnqqFJJZ4oKA-uWNMlZPQUS7HPfaibA6h3FTCkvd9_cZIviC6SRg53Gjg5Aa3U0WVzQ7oj8nA7_JHjogQvDGzccxY9XTg8SJSBTkmd-4sB7B7gkBkg_Wm7UPXzpmx7XWJ2VKPTBJu4OLLEbfDwId96F88YYf-pguVOc6h0HDv5WecfVmeLQRSd0XOxdrFI4trcc0QBwvU91nuLiLLYhCvoJjsLK4vVQdRainTSLW3UFcKq8KDVaBoR_Jqt5c1Fargx0n0TKJhzxIb8M1J6vDaTT0sv4W9vKw6utGe2XOrd-we_empcAnqobV5MO43xa3FQaoG0M19AWd3GXAbOODddE_zXWJfiOlMIppU3NeXs3v2-uezpWf_wvGnLt2wzs1T1pf8jtjRFjh_TLLh1MlhI5CstK6sM9BNulgRuEYRH-ijX-V8u7wAPpTb3AtDv-gVWuJc-vFt2NQJBjTRk7H8WFpit4LxV1EmZgGEpnU-4ctBiZe_EUkP4q9ObDmiBtStiZ2d-9t7Mq8s4klHv6SA6kyJjQB_afHMUF_7ZpvCrXMVNdfEJubv1RwLMRPwGdHKzZU1c2yLlzGl78OlYUA-e5gpem2z4_C7fdxnp11P5V8u_zRqaEzdcTz2ec-Hiiy5GbNEq7f6N4X3X8xU0Febs95Ifotm7iwI-VCQRL9y6zcK3d3Ce8QBsktvoUXeS1SE5tmTsJTajMyDuSa_z1JG2EXSur0Bq99pyQX2t_TtY9S-NWbXmz2gMQYmcSa48KsJBPm0ZHOuezG3IjoTYz_6lv2TPCcHaYaFQntaq8ap8n_uHn8qV-9jfcpm95H5RydLIXRPPcd9m3z5Vo6ZCG2pyvsJA1-ULbRb_am6syig3NsMqORoTdEEWnNlCqRZlZBTC9CH1AgYk9pEKSf8XeeHAEiiLsOKeHC07VYd5pyq1XdmjD6lh2vk1NnWqhNBAx78d3oRbPCYAeOJfw4&pr=67:1.673732&cid=CAQSMgDICaaN6l4alYoIePAXgv6aIsrKQRNPXTFhj7KR7-3mMcSueq86p489ampqOTUxlmPDGAE&dc_exteid=31326233361755611107045942670250472&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 4BA1 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=c3247d719ba81211d405
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
GhBhpsbbOlZgQqW-qKS2ZtHsJfMsy2y_KTIW99M0Y7p6it8lZAE8Nw==
truncated
/ Frame 1DF2 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07e66ceca7319d41bdc8a788e67305b42a844ed1af583709af038c5bd183a404

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame 1DF2 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62669
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
BVjtGj4FyspmWV9I_BLdLExy6yi6aXTOScMwwm9ApRYchecsZJw9Kg==
5909135346386734207
s0.2mdn.net/simgad/ Frame 1DF2 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame 1DF2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
f4b69719-bd5c-d6e2-a904-e12eb733076a
/
kinesis.us-east-1.amazonaws.com/ Frame 1DF2 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
6c02e041d0d65891b7da44b0ba5b60f30e7431f424efcbe3d942e46554695ac1

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9b0999bb2d77d0f8eabe93e33bdf11883ab0fb1c4899f43dda3895f8a353c3e9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
564801ce839b73ffb2cd5a0bcc7a3d4ca68eb1d45b5fcb7dfe3a471985668775
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014839Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
ca15a846-bfb5-6b2b-97a7-de71b5dabaa3
Content-Length
133
x-amz-id-2
a79th/BXH5ThMX370vZXT2wIQjFYHeONhou7uKOgvr3rgeiFZVUVoG9EI3anqJ44rMAtQRIhyO3eEO2J+9Xqo8C0IZU7jPXs
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 1DF2 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=2502587597932613978&plid=2521236318193655889&pvid=3391854064334766635&fmtid=52&e=16&rep_meta=YOsfAM6jOD_t9xPsWarSs7HXW1J3HCeRo2_yxKY5g6_vXrO_LgV4uEC9aO568CKUNCY5n3qHcBq2G3VYMVGJBbxyF6HTT2hgG0zxJ4rDdQSBRbF4eQ0ycRQuJjGfhAiG6lazIiWUMlPn0LAs7fxz8bKWEqutf4ZStwooY_jzokoVm__2M8PTsl4d0VrFQaUVnQL6XrTCm4bgI1P5OL5J3-33v-_B0MtxoojMOtrrluFkAMhxeolos8NQLwlDgvFUuwEcXqCNoIcdOXPnJ9MGoVPz835kKnBX_4xLH8pnKtN07w9jji9zRonFeMG_k3p0eLo8ix0ce21_9dAQXvTKljidcFKptfHW7hqlcIwBzbZs91iocQlDAxCWjijxxneav8pug2u--6aJDpcf3oPXd2HBcumSIo8Kqhb1GtZ4HBk&offsetX=0&offsetY=0&pvt=1698198513269&stime=1698198519430&etime=1698198519430&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame D890 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:39 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D890 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQivnj3lfE4a5H0p4lEBDkAgwOxH1B_wajBxcBBiVrn_FQOVJfHU3dP3LhFMOnDTh2z97hekHdMrzxRCKkBlSbubTZnQ&cry=1&dbm_d=AKAmf-AyxAfHNsqRrl3U93O00pvheoilhAekpKeOWTCdxaVfZad46p59AN8glqBoy3TLopdJ48AuDuKf9oHd0MFG_Ug6Uus3UvhrwRpZlAj7ticsS1OFE18aw5xLPr5B6G17NOAnbKsL4DTOPFMb8pmVtex5cMoG91T5QP-_YBrF5MHdPq3F2acMw-6S8VsRx0CAyd-tzVq84XERbX61INWtOryT56rHmTc02hCBz0bKRNYXoP6FsAHCJsSw5vFEt1vnC2ofL_4Q5ybCdTSQahYVsb3i60o6nXdcFVANbnJ-0MGrwxz7ZxIUXaD4mVkLFk7ap5kXiGBMiTq25c8mc7e5VxdC6lqh76Itl3FnFgQ05Jrw0_Jq4iD7QsVNH7adoDYsoL7MW2R1BEETrsUdSOUCisybDZq2bfUYj6GDl0pdv2DUSoYAxfsIk-T3ljlbCaKJY97T3kZzh6SQb2bmSTM9949MD91Flu4ZTKuyp50q-QXq5_7KVpKbEoJDeJxRZxAGFfDAumgzLq4i3tjG7zqOmOHLJV_LrGslDtIgDXCkt332YLp10wc8dduK72apS2G3kF3jawW5N9e-zfGXVfuVii7Cl7k2vO21KQiCZ7WjdoureTx93SaFpUqhfeK8uM9DG5lkb6OODxh4C13P1vDZ0eMSNxaI4EEzRB5HomwTOgM0GYGlYNZsDx23DWd39ykZkwKrjTF-8oq9BQnggHMirfMXq2x5CCQDemMZi8YuUthg7xQDU5lrhW06ozZK8vNsL9LmRg6RB3GGO_Uv5e1_E5Q6WEmNVeeF0y0omBemzfb10nnFv5IV2DFqWyf2dkgWFhm2xeWk-wV98Xcx4N5pzrDI2ZIpK-KQ6TQsIBeNbnr91IR-9lJYt6oROeDZ_ufH47zAZ9rgSyO9hXSeryHv1GYs-eYyq9JXzGL8fOyJE0rnBcm6oBrjzVD3zlBbKaA8JOsgmKaLyy_M__MHaEo79JhMrc_tpDP2_gYEFR5SY2vPGU91cHvYBGKvgGqE-pqqYxTTZuEHq8cHfUShEF3PYxmuX2e1oxvd_DD14rk53YSwxTn2pUzdusQ1My1GfkRTfNd2C-C8qz9H5l_cN7wq7bgBIQdydf0JMG9T9FccmhdiYreOgjf0c0gyPs77HseLOrriCSgfkPO-mBtsyHzBc1YDX2yHpLmss3-gVQr8VgQfTwM9GmSWhss9OOjG4FRuce-4y6WniPGZUpJRrSzR4k6OmiOdweEHUvyFZC5YIP16hE-Wg-R7w-HYZJD67fT01j_YKmBHBdEtG1AmEWT3Xr5o3qOekeZnRxkHN6zvhkmEpyRHUF-bIomAiPafNMlRXkpLLB670vvfBbj9Hs5BOgdRBoypf6RZbfFKO6ce7IHXfUCD8_IsIhG0nOKEQrYmYE9IVUlAAj2Ko28gO1yWLxm9VGOGjZ9TRRdGj_x5J7i9SDdfBbX6Vuw0z5xwuvWTqqM0Aiiu_-DsxX-hjiGrlYevUMx8A_EjkWBaXNMR8vMP-m-X7tg0YzaE2rvPbXfUlUKRdKNVsfz_zJZ6ee0vE_IpkxHopO90ETODHBLo3ZQs9JKWU36gSFr2upPgihXiVvkbHSdtnlqJ6CqmPmW8ohqqNFkZ2WNiKtjKd9T6MFLdH4tSPw9ZfMOqqpiYO3M5WeSwH9ECUfPn13tXSuF_d4P22kq3Z_WZE-VzSdkTSgOloyNPWqknfyK-JOR9RoSmXRSOB22_Tib5UYbzXVaC1mthV2Uq_SNExm7LZLOtPeHk6cMeUN-dNOW83q5C3RSd8wplZV7QyQyEza4oxBdOfMNh8XpQV6Rtc72nCSAu7KH1qRuPyPQT0WixJv2fTfZREs3f6VOb9Rvk0XXOWpGAEcfTXJVccc5RaBp8q4HvDbn-AWvBjkFs3s0hRj6a7axVKTq_bgeF4SR2ysNa9P6F0vkQYvR1_4pFspB2QnKK24pMevqwmrzUlzNHzaaFVVrM2_jGENR_wtlktmoTHqDd56Nz9FMXwOpPKqHM5gr-qBZr9_TfZpjqqyMGujorSsMgcK3k26waadYjnyGBXkWGrTWumu8r8AFXjmOJNApbyER0CPsu8iIiAYyMuCsDj0GXfPJAh-LIv-A1gne1E1E3jzw1lZXItkgPW9YbCZbydIYCsASaOhwOKETmnaXFMiCFWcV15d8LyiSgimFOU38rL4AXuIbI-3uXPGt_ZTUVkNMS-TCP3JA&pr=67:1.673732&cid=CAQSMgDICaaN_6ZQIMa48phTG8ltQIt0pEoDAjuUXjX9Da_nQ9xL_RakSBbHdArpC-ijxoe_GAE&dc_exteid=31326233361540245497428526963831168&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 1DF2 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=9c6ab81b56f9002446d0
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
nZcTyDcMqFfu8gnOyjp1TqxtqgKtvVZ99sql5akt0EkiUOeTxYmW2w==
truncated
/ Frame 2196 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7bae8e2261afc29fcaca31883e796b6c07ea4241cf904c26667452c204f09ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B30E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1159098ab08ea234071b485699bc1c2df66dc964ae3224b5bdbbdf8e8c6dfe4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame B30E 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62669
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
_v95lFmsmKbq1OTR-fwO3UxysB1YW_uaLCkkE3AtNvd9rLsEFWSFjw==
5909135346386734207
s0.2mdn.net/simgad/ Frame B30E 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame B30E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:39 GMT
x-amzn-RequestId
d861a3b6-83f1-63a7-85d3-d5810fab5804
/
kinesis.us-east-1.amazonaws.com/ Frame B30E 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
e9746a2836a75c1e4ea3ffacaceb6b7d36b2bd25a7877d35b2bc57b0b575d68d

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a96142d3269ec09742181acf9526edf12a41da7d0b11b9a2528e95e9dfaa5526
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
736ef8f06d8ad90ac37c569b69a8b461d21a3c1af12674fda6ddc4aaaf31ad86
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014839Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
ff4946c8-ec3e-3b2b-a2fb-30f060640088
Content-Length
133
x-amz-id-2
Ynbk0W5nBKdRhSdYKnnI3JmB77Z0MVYVA4hOBwej8cFg6GkVvIG5VV5GG+ClqvQrTwwOjSOX1pJdoZmK7B1LrK1Ntb9etOkh
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B30E 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=5017925011047541814&plid=2521236318193655889&pvid=3391854064452182730&fmtid=52&e=16&rep_meta=emS-yqXPe3EZzINtYqSE5_n_vxmYSaS1uZWWgVAd-ATLdLZO5454Vv7hIQ8khMSakFbPqZtT1ZVvuVmrrUS8PgpDZ0B4CsQXab6B9JuP9dDJ8OuJUNHi9jVr9vo3K8wqohUjdsHnjZUQ4Pl61QW59yeliqW2zLxk0knt67mbGNuNOmIXTBNPMFZar7k1H5Bti-Ek43htT_4idC1iu1PjPaX4W1nggngS1xw2objAln1YEajJPUSKJae8IIBIGobbGot8rgQR-Mhl1GSl2p2j2y5maC2iPX_-4ptqzDd9gWvojPIWpob4M7oOOJLcqMmpr92T__Rcsdro7rt3F1YFAO-Fo9rAkUusujjC-S8JB6lnCeyxL32QjHHT_Pug2IoRKYBZPxKd-dYZot_dWPGUL3GMHvCVlU-7eRiNRLkQUNk&offsetX=0&offsetY=0&pvt=1698198513283&stime=1698198519699&etime=1698198519699&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame B496 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:39 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B496 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BprdP-7fDhqkmcmqkxrZbQtzNgEelA-ckC0AYH0SlrC-IrxKdG66jdoKguvIvGbaXunJXkKXPErOieTvT4aomMWpcF7g&cry=1&dbm_d=AKAmf-DEg0A1GXD9P5Y9KJ9FFcgrUjzRfHLSWMyq6fYxCX6H2MaXcbKcoMIhl0c8vsNjKcDk-I98JpdsxmiwUMvfqq8WQ4MZhCmvzwrdQQdY1MIgkuNyYa6ipKCsaX8S3Pr9gub3ESiSMTiIfnDuRGLHWgHmUJwYTk4qVxbdaenj4iL78bTjkpjogoZ3tp61jq37lAUmbRbi2f4ExDMvxe-191WKVrloUvEAKy7mPVLHE1GnbgMgAha5zkSHeMHraqo43ojGwgLSa00xYEBEIAr8vUHs2qJnfFCZVJgrtrMLKyOpkItS05XPi-mphQBm9clHCO7mmBCPtWJRDPOuosQSk-n37gPVL81nMJ68VIy55dOZPry605Ahd5G4St1JBzsE90kNTQ4UFk4gNsd-WMx-u5grIRDjidufCx8kBf4SELEvqs_83gaSybLoJs2y_GGiCce7gHBY_Nb8v6UP9dzBt-PLjXko2nwef2m6w8ZeJ1L8w6NoA6KhnIidp__05Vuy-2RuvrrDEoBBL0spozIaUApFys71CmpZJLxjGsiRrFIrVmAzJMuPk2Cja3tuyZWuWgc21D3wPnX3F5sxVOM6yoNB30mHg4V6wBHvScvaOt2kS4YKzv0j1y51gU5j5Hxtsw5AXGZLqAG3hOf2JFB8NtgCGZAsxHpgeULi8drpsBlCl9T1IO2pWeBi6VbHTVJCwSA93RiJUF-WQINbXwUokO3Xcanf4T6YVT5F2dAGLcyqsF6173k_5QlFPVy1_6deV_8pNqLgwI8HIIwFI5x9fKfQzRSbnK9pELOdI_gLvBPkxzCZMRJEVvBl6KOh-4an5YC45SjTAVdtFPwpVCAAfF4jTXfbI9OhCSz87hHAs_TAkLMnyyKTN5JlJwEwp0OBr5fZv6FtfGCSur5r5SfwLsO9_xfdTHqlkbiq8PKUvl40DT_DVr4l089-lRfYX3-4zHZOjavcVb8KFX9BjvGpfSdd-Za8urHCFduZAGV4tI7mzMQyU2jpmpZqyZ0_3MoFgqG77SUI0UhJJMM15anQmbriI81o6ex9wCkrFZM9e-FhT1w9_0TcLeNgoh0rbKjhIOn_fu9uLRX7WV0ny1TM0rkaoYtgEtZ4P7SQ-RRRLPZF-QVffVVeGDWhOX23X7R1TeUK2SB7S7jckSH4SEgd_ZQlZmM89EiOpeSqkqyInYkxA0GJMdgyd2Gg1yg2rBSBl6sdJLsO6OU0un-yOYZFiAc3BmZybZZCpWndQKsB3NmR2zPxPhexWLKdh0gpZEAAYmOJNCfxCr3Zm7VOsfg_yTajZZYtnnjpmeffbDbt0Ha8sb97cfZWR9sN5OLXZBYlb9BhqQFMaWK6_qf24cPDzvTMx13HSt2cY_c3hCsVlLVAcjM4g74ld2E26kY8bN5nxMoNBNPWhEZKhHLTwbvP5090r3i8cUM8DeJQ1VqH03Za2cMDMGK1h3rSMT_-I3dMaIx2JbF757fgbuxLMTjcA3RsVFIXkSqVReLTstj4wYtfIuTFP-1USCnDkH5geVNM0y-X5Q5H63z6lL_mPNz1ksx78kYd4hUx0sO5n2rlwEHsKv6IE2u7PGRBHKxSjDT8nyl-XBxYul0DJ2qxK2reMdD55e_bogpQgsPw3jk3oZg1MChuvUp4Vaj5Umwne6VBkpU29ge4cQguQ4iWznHwC9EnhvK8AKvObtW6j6lvcD1rbJE_R8ejHuWL1uO7wOVCqLKqAERTo_g0Hde7MMF_FUZLFWNnK4A-heAXzZXm6GA7d62e_gc8kdu895-UhZ_mfpPGM3jbDan7JCza0SWoMjoCHHvMxS5WC7sDL3j-jMuNbP3iYoEkeu8_1HP_tCML8Fgp1VgHSkj-ceg5FIEYQXMQ92hGS4GZbzWDZHXeJsx63HrBcRnyxdRukonJ95i4agH_r7zNoq2hMoc1Qtc94YDkt8DFpd_eHSHV873XOmyQL2cM5Ff6531oDeVEBOKB_G9N_NDvB0IhMqBJjyk-6bd1bmHTue9NzHxa-tKq_2vdfWo_OdpbdqhTAIGJGOhITBryki6qZgQQyYq1ffu1QpnLVHzy-xHWLvA2_OIXeDpgdWZyAvD7KpPDKI8oOTwcaz0WsQxNcr1lmMeJOpbmeCO-OTSSAvsgTTSVzeHy3FHp1XyuGKfEd6CJvo2xidPiOioeRHTz8D2ITCrsMiyZAdWtEatszweTvckwGSepBrLsIFaGRr1RfHV8FfLhmu4vZZfwycVv&pr=67:1.673732&cid=CAQSMgDICaaNncto4yksSVsqyIpeDYhSfX9YjJd1uCDYSVqEzaaH1AICP03W8OC-bIUQHkpuGAE&dc_exteid=31326233361832479022149433637273942&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame B30E 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=984d07893d503370ddc2
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:39 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
XduUJXvNUJ7nPo2_2aC5OQDSNYJaFgXlQ7Eogw5kXyUfbBQCL4TG1w==
truncated
/ Frame AFA4 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14e415ea24da39d045052320220a5e5c97dda2524584c945eb0ce0a9dcd9300f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame AFA4 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62670
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
20-zWg5TWKaRmDfkwsNBqHlQEngDJUc8nGaqksgx1pbScPEINuiuPw==
5909135346386734207
s0.2mdn.net/simgad/ Frame AFA4 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183786
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame AFA4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
cd758bff-a83d-24d3-90c7-fdc7a252f55b
/
kinesis.us-east-1.amazonaws.com/ Frame AFA4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
ae23551ecbaf86a43df28d81ae7381c6871af66e5d9f5e53099a27b46e3b750f

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b44d4ac8ce06df4fc0e7098303198512355111b661124a54dce2bdfd139b9024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
86cb97ff41b8f7281c43af927341cd547fcf90f47d199ecd7bb3cda635a38bdf
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014839Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
e044a19f-ebd2-cb23-bdf6-d7a76788f080
Content-Length
133
x-amz-id-2
koGfeFIyUwPpuKyYDyRD54zhkLpanOls3Hri5a5yJokDBCkOqo2puUReEBUAWO02DLiJB6UUkaVsB/hn/y1+r1Sf7nLguZbC
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFA4 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=2421604430217905987&plid=2521236318193655889&pvid=3391854064309599779&fmtid=52&e=16&rep_meta=DpuWrUB5uqNskCOgZkDMrDkh0Cu_rPhFEcWkhA0R0X2wB2y03_7mwwvTbuCuKkJ4moUOUWetiIXvwjfjcxcsA0ig31XlUfm5C6bMXY9_pDTK8u_chLAay3CTQce4L9Okwu0UN0gxh_sND7PpQcw8moIRNusGQ8I1uc031oAjxzAf1ta0kr67WHFXB7s9e640jSqa7Pmq1Zz2de7HGFsUcx6oqPU2wvLR1sbk_KvqgmVFmWdvz2WgF2xfFH8bPfjQOGnZXQSTzH_MxOos_OUBGJ7QW_vPhBnAh_G37VLhrQgC6Twwdj9A28tEsWSy0J4kr__7v0RsRhoyBgrzGVQPM58TQIeIUlYY0g5IIjQTJcgwisWGQmZxEJvmWLUzZQd7KM6vjnEw1KNtj8Sdmp9dOCvpqrKmiLrqfsO74MHQRqA&offsetX=0&offsetY=0&pvt=1698198513266&stime=1698198519979&etime=1698198519979&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 61D0 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:40 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 61D0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA1LL4iScoMBMyLH9dX-pFnlTtZ8sa-ZkvNnk1mDTKBAAlvXCgFLSin27Vzd3ye_XntI4m7MEF0zBdhSrtsZeGFR90xQ&cry=1&dbm_d=AKAmf-CyR-tUc9nAWMtu0CH0wGqbMO-X2_pbaiALqLeZ1KUvPSxgpWz37Wu4o_7owhed16QkFysjRmrMntld-97VfFGVt_u0aMhlm6bf_EaXKqHrppDrs-jfo26_YOSyhnzbEL7CzsEpwBtRfU7iEvu8_sjPPIqXyOznds8Lhv9XJPZmMj1Y4_K9p9edW7kgRGm9Df3HF2V-d5xJ5uiAIjEyqCUS82Gj4IR3Sq3bdy_SjoPzXNOYegM53AIayxmnJtDVxOWo7Ciiaf15DlMTND72jyF_A4Suto69ANLDNEwT33-H6qUnrsD5cNJw9aVMUAHr1KyhJBJTF6ZEWS-Oek7lmikArkgb2-VikJZ1QiUpNvUp-0XdD4lEyR4QvyFo6PlfoLiJCA6KqJFQCiwMzhfSgIEoH1bIfKJ_TG5bIPhth1dRWVzizgX2MGj4LNjQ6qbEvGd4e7-zjxlcJ5IWgSfZImrJi2XdfECjAx_Bl4acy5LoEKJYXG2GnPhbyGZeMgKdOI1lebSu2fUzAolEcsd8lb0J6jGGSeq6-5Ph5onkOgt49FppDcv_XndiPx4Xhn9bp7_dHP7OW8MHTSPXtaID_U__6mbofdx6-qFi08f2uAbjaLp_fvCs_XYHxNLu4XZ6x1SyxqIRBLrqRLmfGJP5ZyNMRLpH5ZN9DzyGvyhal4YjAM6lFaz4jpCNW37uxxkkqj2knO8L_m15aKbSH3XRmSsHES3lG-c5y3D0ISv-n1iadqstfLual-N7ROhjOPfYWIIBQ2VqXLu24oBiQaj-BzVRjWMXpZukWRJ_VCa9J-Fe_BUQSQPI73shtzca6XE5P3KuwFQMYXypaARjVHqy_fcMX6yr5OJo0zpLCiNvNMA03Dgq0kzCkonrMeqObSGEgrmNgBIKxEGzP--FGmdYXPyTQryqw_0xXKnObi7lKVsYZI0gDbZCWmz8SsKBMpBe1SSPNie71dqjMMGYzvPJL_qjYA1ivmrUTGAQelNWK6woo7hi7M0DM7K1WzwOyqokUmYUQP0FcnN7hR_nR6Mf7KunM2stQFtrEK0TKCOUTwnF1v75GukFoDxTEmnLrBgAHMNxyXS631R3PRgCMaM8LawBiJNsga8fB11xZZAaznngkOGQUzf1onjCR3XmiH6f2Vyi2J6e0IdHlzuue5eIf4EaGqgQiCM1HsSG_MB-qV0u_DDfWmxf-2Uul4eR2NqntIZE92HoilKqj-ecpff3oiu5xJr7HE_lz1kTMOjWA7hVfN3rW502IClJZlMuHibHl-vAZyOkU9Ug8jEabC-FWr4wGiP-U5pZYFBd7-a7XrRMnaKBW0Y-iUXw4m9lVsrheDfN8_iRlu4_tIKMWZiNCs9eelrUqSIHqeNYFGzitNHvNlt0Jnpz0-89HWvV2BXWp1FOypNrRkkPsPcFkeal2hQf8l685o2jmmrt9xYd0rqgDWmj4d0Vgwx9WNi8oYi94Rj01ok6miAqQCL0IFrim8MN4xqSucGvXtM5EsS1D93-y1q3CDW2Zn8QlZD15HIHHLAtfMiGJPlj-E9HYH_IGOba91a1J6C7L5twsFuEyrk5rqSm3V0MeA2KqTvwZHOaIWNYc4gDTdm1SQszPvD4-pCnWeNNo3K_0-EZrEIbiHFOQNEC0Wx8ul-r2aRaauDHTuN2k6P0Ui5MAg6IGMN2Hu5feOqcdEl61in5HjPBQqr2h4TeKwDlqo2rpXp1gjvVPHjAp9yGHtLu6XoFOWfpm2dzA022GOdD4iBjZV9hDGtfyApt-i0Drdq9Y4l5VV37RIBVnjtmuEuk00MnKqaeiAmtmvDyBW-V3YCg0WL2FEN7lOL_wZ2AubFDno8AWlOXHXcEMkxHeobMu8pE67WGNfOLWd3I2KhKCYLMAOkYDJsDfgsiJojQTVSYZWEIv0oPOmt4JVZ5z_YVWjGSL5YhYVMwIByltLZ1RMuGbm8sIWHxAnbFCd_GYTi_AdjCLvYma48U-AJjpgF9jx-FLfdECuI41ea5ZMUt9jfgSmYd1jt8JiAp2tON_cWhvJ3EH19O33zfuolFOIHnmrddv5TVNvYB1K_uxKWgauZidPI6tMmpvz3h10cQk73ZD2F2x3VfUY9kjjNeCszhelFWja7ug3Mpm-QtQd0sV-zGvZwAAC5rqsg_ohcQShIZ7ktTdUwlX_KGoSBHvgr7ZvptwXXrqragrSNHblp5G2tRys3oGQNW_UlcjtskqlnlfgSeq6NR9LCdfxE0&pr=67:1.673732&cid=CAQSMgDICaaNZ5fN76bvQjHludMWbdnh0e2rvaidg8MGwmslzZ6P9l5Nek_ea4fX8aXgH3hGGAE&dc_exteid=31326233361548804991722107970477048&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame AFA4 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=d9815b9c5d15582cd65d
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
M-FfTgdLzUAHxob0xgTwb5TORhEhtmk0nw8RHN-9wmE8jrj4qPzS2w==
truncated
/ Frame 04C9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b19bcc502e15622d5acfc4a7ef5782d3b6006fa3a142caa2da270d859ff43e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.svg
static.yieldmo.com/images/ Frame 04C9 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62670
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
p25vbyHuKG8iYD9HttRlO39YriB4Q9ThTUA47GoPkhV8OfOG2k7lbQ==
5909135346386734207
s0.2mdn.net/simgad/ Frame 04C9 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183786
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame 04C9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
f7787f57-da87-c084-aaca-096fd0e8110c
/
kinesis.us-east-1.amazonaws.com/ Frame 04C9 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
2718a53d945896675c41314021253817cb49abf3d3e3a0c23ca2ac0fd0497c25

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8a1749762bf8eecb03a7de8ade09b1915d1102870a6085d8aab846fb0c6d9eda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
14c837876fcb51e6e8ae82294250f8e8d483226d02bb33eaffe6d6c3168f08ef
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
f03ed3fc-e9d1-5fe5-ad8c-a5c4e3be8e6d
Content-Length
133
x-amz-id-2
W8Hgx6lmOuKLtyKfEYKRC4PQf8zQBSrToCxNJp5eSx4skWT0n8opgZ3Vxyfz3NiKy6l2rwDGjoZ2uoAbn/7tZrov2qmEpcUp
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 04C9 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=7582215074896992146&plid=2521236318193655889&pvid=3391854064309576353&fmtid=52&e=16&rep_meta=emS-yqXPe3EZzINtYqSE5_n_vxmYSaS1uZWWgVAd-ATLdLZO5454Vv7hIQ8khMSakFbPqZtT1ZVvuVmrrUS8PgpDZ0B4CsQXab6B9JuP9dDJ8OuJUNHi9jVr9vo3K8wqohUjdsHnjZUQ4Pl61QW59yeliqW2zLxk0knt67mbGNuNOmIXTBNPMFZar7k1H5Bti-Ek43htT_4idC1iu1PjPaX4W1nggngS1xw2objAln1YEajJPUSKJae8IIBIGobbGot8rgQR-Mhl1GSl2p2j2y5maC2iPX_-4ptqzDd9gWvojPIWpob4M7oOOJLcqMmpr92T__Rcsdro7rt3F1YFAO-Fo9rAkUusujjC-S8JB6lnCeyxL32QjHHT_Pug2IoRKYBZPxKd-dYZot_dWPGUL3GMHvCVlU-7eRiNRLkQUNk&offsetX=0&offsetY=0&pvt=1698198513266&stime=1698198520248&etime=1698198520248&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
analytics.js
s.update.tas.yieldmo.com/2/518423/ Frame B74C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064309576353&pv=94ad508b-1209-47c5-a0bb-e1a453030789&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064309576353&bt=programmatic&gt=ch
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
96c48fb896f06af2b61faf9b6945f9f80e0c20eb29f5b154e425aeb69ae48a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 01:48:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2691
Expires
0
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 48A1 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:40 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 48A1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhH2CcEr-iUxlsqzis0SsQ3Nt938U5h5rCDmtzroERGQ8Jy-3_kHNJrpw2IbsalbTczcernBL7Wi4kJlmpQABdWO_plQ&cry=1&dbm_d=AKAmf-A0KbZQN-OE9UrDNBxeEcqPex5ey0BiYGAyJjoALNIQtQaVm8v-4CmYch8lNm5KlyOp3URRRM2-gIqEuPdCNEfHzoe5zRN3BY150bJ3yMrET6FzM5V2JYcrDUOODXSI2Ph5Shi-R_1ncTRlgDFyK2ELHH9iNnwEXI6RODCnVrwAYDVIHmE6zonOywV32HMkzEDLHJW8w6cNu4BynwclxJJr2Bahq38vv0c5aokwB9Ko6i8z5DiuTJnRaHD-lps2WmZ8uuRAMjUM3Is4lMstAKlLt78UPs12erYvoBXj-87QPY2Pw2k6clETwrHqVBf3fgyR2FVly8fgfHdir_EyU8vmsDfxHjknMGX0IfFHR1ejXrsuc1T2wghhUoZiW8UcfEpbwMKRBs3j-bKZEvwmvGVZ2SymBz3LCLO_sbvOfoVU6erQHRKJEHasAJFe2eEpUpD3znzPBH18g1BrObxYpzLqEceCjKXtdJAUXnKH_CeWuoz7Eb3uwEh85zGeX4K_xiDDM34PT8-Z7Y7ykQYEv-gzdkaQCZeiMmMurvMtEo7OrvaWmwkbqwC7cU0alCFk2g36Em1Ph-oHYkaa_foWmE1u0ceuGEsbyae3QqG3AzCVtEl6jLz7PqS7HgmFLs0Hjpcriyo_BUNwAGtcLhL8Tjb15439IHYcNiu1QEipO08e6w_6DiEOcAH9G0TRBKh6OocGILPI5AtOcq5-IBVMkqg6b28hZXg16M3l5HG3W02WtB91U6I5uJDmsMLcOR3T01qDmDnrX2VIy9rSE9iKiHG6R1CIPSgNVNRIddP1xVikiSbt41CMQKMK_7o6WtXQ92zCVdWOrfRAlqefbUCE4XolWelCmsNvFQjemSv97BOP8AC3bLEoEeqXImHXzFIs-H_LQTNdXM8oSSFv0_rn2ClvAh12no-JXRZM92LGPQpBzkEsOlZCUmGi1BY5k6ejR-71N7Lbh2fysccnSCu7qyryMB72dl9hQMmeYBuFkAt24KPqH0ihG3svmtQp_d_XTcEyRpbl33f0JFvxk2apdhSX1OtqiPM1yTSDLjv1HRdeWLc6G2OaURfIIKNpt7XJWbkdB8LSqdoRzNRT6wiDpPhXqSH9PGfJn3y2OrJCcNPE-4ZsNEY7LzG3MaDhFrxMR1j5xBvyWaJLlD0ZFxj3cKO_4fz7jzWRy2zft9t8LX-L0clNtcCJWonovcvqNEDZJeBqLB4IQas6AkY2JZUirg9H0UVumW_kzBsCLis4RFz9UfkrWUeWbm_FLRtasr-bz2anae5O3hJ2fVu9bvooitN42kOac5BNOIS1cov5JbY_vE8bpMzN7f9RJTxr_UwrDfoQG2cKRMVx8Krdv7h1oO2N_kp532f0WIwMLKtwAFD7sOdwdRAlAImttQu5fvaZEyl6y9xCndC56oPbBmyN_a3ayLs4fSrBELfKoN4gyWwWLU51n2lE3fCsAjIxAMA6vQCRQ2rZVOB03LHJW8AP2qkasbhjMKwEABw4WiRrDJClWgQz52B1ipSbbvZaTdHrl2B6zRGrBOej7GWrZ1MTVkTx8aBEwZdrXh4lMTVVLiRgNZsuys54HImpjm8GNrDVPPsr1Xl_htUMr2Y2twUxlwiZ3qIJUbZe-UBuABUzlusVxy1Ng8JSBkFb0wUSnykgz2Unx775YwQ9I4osINBt9zfxd713V3poXmq3rISp0zjkEPwpczB48y5_TH1slPkILshdi-w83-iyk86MGaN_idOL3ynHaKR73VHuZQVGxmrc-HbYDswx5DjC_pdFNg7PaNSxN9RLE8HEKQ6tU-3PvzphRaFir1ryKAGV1cir8T03R8K_n5ZtouHJeTtIoOQ-BXIFIo7VzoXYm2x8UQtSrZXxlgeoGLegCYE5zJZ9mPebTyKyMbvk8M88hPXEELi1jJl_DNL9iHR4mi4wZkee2aH7Aoe9O60YqrL-_jf-arwNuljbUUNscDtBrPBUIM58xpHNgdGmR5Z8Nt1ZyB5N2gJbsfeKa1jc7wfCZB9Ef5RLYnVytp6ahklwSc8mSCnH5EltRm974eb_rsiIv2C7awQcPGkXiK6FVJswCfYw-oRtxwv1PYVk8p1VERdA0dHQCNPLzUXvXnDdjSegc-McpDVXkt-3d8olI0uBM7nhtJizclvR6zv5dLocFWyRqfKDGqPmwIhODSD5SvopQutH4QCIgw2AiflGRN3GOQHvjAvnF_S-mJinP51B56Xdss83kjWWv0iQ&pr=67:1.673732&cid=CAQSMgDICaaNd-LGFIce_pE7AbJUodWddNCH5-sA-g0FEAKX7E5wo2w4o96WQ68xTuZbUFRkGAE&dc_exteid=31326233361588243925525586881876782&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 04C9 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5020ce7bc38bc33c6f8f
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
EFgBiHHUyoTS29ruVj1q3iPzInbLwVoxu9Y0_DCO9vGeFTRd2_KzLg==
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8A9D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
409023ff3f1cc62a18abaf0abedcecc242604bff65f147a61f069febb5f35418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10492
x-xss-protection
0
x-mark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		222 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
505044
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230027-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RbJBWtAZ511CNAHaArqzyUZPQz5cEvNUttiwj7OE3EZY72kqArpUG332c%2FmyL3ykThNKFRZb8uaA%2FZOGCaiNInhUQw89LYdhA28lFcXBAdPEImhjXD%2BKp9KxLZpq87QNKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc70bc9901f8-ZRH
eye.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		455 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
840066
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230036-FRA, cache-yyz4570-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hY4masTJZ7xthAmH5UogOkuLL3%2BP1FgCIhw3dBP58fezU8ALxMMtotQMCcQhVzXcHwcHiKA3y5wtgK7Rlbar0GOvkNu688Te1B7MGGeJw4zZ6fF6vYesdgYXZyoW4tGPqHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc70dcb401f8-ZRH
logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 		2 KB
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
x-amz-version-id
NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
R1GZM2BE5VSMSW5T
age
44538
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
6eG5KHqFJPzCM9gnBp1x1N5WZMUTwNFipuqzIQZ1EwLAX0PGeZNjvdY0iuUxy9Fxr4h4rm3KPsrf3QlOvTBKYA==
x-amz-meta-appname
folkd0612
last-modified
Mon, 20 Feb 2023 12:50:07 GMT
server
cloudflare
etag
W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
81b6cc70d97924c6-ZRH
x-mark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		222 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
505044
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230027-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0YOK2JPQmT1a%2BNA3TvQ6QkvIj0z1KE556fZT7sD%2FUBlcY0X%2BywobGp3Ro94KLcjUzJ9bhqJ3ROhx5TVkWMNe9taD5P0chdNxyrVcu4%2FrFXakiU9UHwdJ78gXllZXc1uk4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc70fcce01f8-ZRH
eye.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		455 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
840066
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230036-FRA, cache-yyz4570-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NY7VA02%2FkaIosVpSLfcmcCOV5GwtHvYBPXYZo6K%2BcdekND%2BBdM0l1y1%2FHNFc%2B%2FPI6I7DpL3ej97ja4HA4Qul254FVmwsrX%2FDiNMwsySjRwtevvM5ZleZinbJf5oEuuA9oVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
81b6cc70fccf01f8-ZRH
adview
securepubads.g.doubleclick.net/pagead/ Frame 2196 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf1Rw8XM4ZayrDO-ux_AP6OSduAiH9JKQXOjrpun1BMCNtwEQASAAYPWFgIDgBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgTgAU_QerQzlP73pNfDtkKNHzwyM8tenBtKDpzCeaKEG_CCZ0ylHpQM1evQe7hAKgXdykT21nGiGF8gY_3KkFlCEnJzOq4c2sGQLyqLkdnnLhJJYSrFlVXDgUVqcxPJSaQIVXarFbgupjEIGy06Iqc4uscrWP3oEWPjZRvU-OzOqADaCJgZ17osOGVt5DGwIG5bf03JiHsv6o2d-e617dMkPCMWS8vnDpnV_QUSozxcV7_xuVYCVXnMmtgfQVXCuTNd2V4ixEe27DBAKa3wGNgR_wfzsuy3gFkciKwq-kHvGuXS4AQBgAbJ14Ts4MbaqwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=Hi_8QLlRS4k&uach_m=[UACH]&cid=CAQSOwDICaaNJFgfEYtH56cTS0qV3L_pbXi3TWWw-bkJdhtYJ0TRsNRF5zx1NuJGVmZyJOeAxuPr7F1nowPKGAE&tpd=AGWhJmtYW6R1CqG_mbKL4gsGiOCG61wVK0WT_gFo7uvfkGeWQUIUhHg1pSRggoYo_Rjtu2msAk6Lvm6diBvNShDFszBo65hTklf-XgaZndx0JBpkY8iXGY7OW4GfTCfEbr0YIOoYZqvAhgFtr1Pnea-3TG2P9t_G9OnsGB7SRTuPtaBDKmIy6p3iJppG2ycOjCc4AQU5ymq631oPdpL0DPxbvwi6jwA_rs0Hvhmap5XJ0rmaMBUrfeaXbH1yDFX_f6lf6A72TYG8IbMqkFwQhCo0Zg6hdQZ2Jp6bzjd_vzM3fh0jbAEVx94NJh8r2itmBBUx87482bEGU-WaYipPwbWr8U9V0Uhqp8qN8pf6Io_J8g1xhi_-A8qWEO6U37fSDYFKGeR_e3as1DR9i-K1h-FLjCOaVq2iXI5YWV3NjhLZU6Ge5mgbBM1M2feNHvvg0EzYJmLO7jh6vjD2qmE73OQKWKy5SqEGi_4tDVgwugHzVvb4aYuG2h3pz0amBSZV37Ab6xcAnwkhC-ilLW-ZKTj6FMF-MiNWfF1EYGPLpR03huQsqq8cDhyxPr9wJnADDiBtLc0KgiRdFr968iOz5UYkb8O2Qikh7e8lt1iwFHa9AGaiFrZYv-0Ls6IBRcqsI4WLy8XA93XorbM7e9Euv5Q6qMXwpx2V8eqMRQMpvhZ777PIu5yx6DGiD4qZjOBZIPfSajz805ArthSer4Ri_LUOIoe3qJL57HKYN1EoE2S4_8DBFnf4UaInhGVAZbyvNqrxbnalvW48NRt_6rW7-s9o4gPwEWUxlGuNXvbjhBu8Q7z-cMNjUhTa3MGZ&cbvp=2&vis=1
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
b2d445277dd1387d01bb1d989944965d1b7c8f8ef70d55a5f3e20df428657f12

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2ddc602db86500e96f9498f047f17666d1c288785fe5bb4e41afc4ff32f1ab62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
ce40105926d59f06d5e6f451330a6bcb382e54e290659f810a59bedbc62e62b1
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
cce6405d-3f28-3f00-9154-366534e88363
Content-Length
133
x-amz-id-2
pqpctBrAcsYln/hmH/3OmpNY+oychOu/RK/80WP0ZWy/KV/EtIzsDkS64TzGsRTTaEaRaNmEnsxVKWlgspazq7F53Adxiog4
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
ffce142a-9470-08db-a27c-62129fb0b4b8
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
e646cb6e-f55d-9b5f-bbf4-bd56fe9d273c
/
kinesis.us-east-1.amazonaws.com/ Frame 1B73 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
7050a42fad87ea064b9255be621f2724733e34974eb8628b4452889173910fd3

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=49fbcb72ff8094421e8a8bb925dc7ec5f852eba32909ff8fe5ecbe6cbdb4442f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
21795732d9b59898dd6817b3aa07788848eff150b337a513f599218b4c99f5c7
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
e207b182-35c9-ba52-bfb5-c7ba3e090631
Content-Length
133
x-amz-id-2
3LYZ2jPEuzaGCtIgxD76ObzZH2ME0dywpvtti9ReCm57Vln34oJyuXR1livdEbH5wW68Wp9GvAiQyfMPbVbo7HTss9bxdAXt
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 1B73 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1808&fver=5.9.26-F36-46-52-54-59-B491&imp=8491056163408216296&plid=2521236318193655889&pvid=3391854064317961638&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513267&stime=1698198520487&etime=1698198520488&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
fb36afe4-f5c0-97d7-a684-d9dc799aac74
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
05d248171ae2c427f92f61b33e0807058ffe8a763fba0875d1bb881fb7a421b0

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=be69390e2acc6b71c4b40b79980df9534ce7f47d8a39641692c1959b3fd4e0f3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
bfb09cf3374f2dbd428406d896812679e823517bd56dedf960ec65fe88380903
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
d0dffcc4-478e-d29a-8d6d-8afdcbd4e939
Content-Length
133
x-amz-id-2
O6ZOck0LBX5CFTSOUNj/YkTvN76hVb+iI422mdhhOm3p9BPb+G/2hN1qFcjvklPw0F72Ja204jyQc9/GSfXTxIGXTrHf3+6A
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
eea6b72c-8f57-97b4-b314-c1146300fdc8
/
kinesis.us-east-1.amazonaws.com/ Frame ECD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
df244944dab500cfcc558f52f4caf0cffa9dbf3a41e701b5fea6b9ba670524a2

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ba7cf467e1c99f6f697a8481203df9ace51e3e55800b7ef26a0772e1b0fac911
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
324636a28aada19da2608ed05a22a2635051ac86ef5d422b5b1ed3a7d2d55670
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
c9b98671-5c07-21e6-940b-f048b0504b9a
Content-Length
133
x-amz-id-2
Ixy1z2s1LYwgW+cRW/O0CNo89KbGA+vorp1nBrrhAhQex0jjdUrjvL8mnnhwD5Lwf2ut/JBbYhfgCxnibkjIjPtG7nTE9c05
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame ECD5 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1732&fver=5.9.26-F36-46-52-54-59-B491&imp=8620885078136118730&plid=2521236318193655889&pvid=3391854064334738859&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513269&stime=1698198520612&etime=1698198520612&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:40 GMT
x-amzn-RequestId
d7a0d116-f179-2b47-8a12-a72e74e8048e
/
kinesis.us-east-1.amazonaws.com/ Frame CB6B 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
b20fdf1b59252aa511fc6e477da58b44e8404c15da12bf5dd921c6fa192d5c89

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e87ac6f1ea7f3292c0352451bbfce927984113dd04d5e599eb436793daffeb77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
d3d1db5ba032e347f13d7c50d66531f8e0cc7f229a4bc9e42e77beb620175605
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
ca587224-ea0e-74e4-97ea-041d6f9f5b2d
Content-Length
133
x-amz-id-2
VUt6bbDyRdhrGdbbhTnM1vOFjhGthRIXyCjKla8dcf4ahyDDImgsSTYPjd4guCbBu7SwEcfw0G6yjwk1yd54/Sp77SyZBu6C
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame CB6B 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=v&imp=971703737330718920&plid=2521236318193655889&pvid=3391854065198792502&fmtid=36&offsetX=1140&offsetY=159&pvt=1698198513372&stime=1698198520676&etime=1698198520676&viewportHeight=1200&viewportWidth=1600&adSlotLeft=174%2C0&adSlotRight=174%2C300
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ev
ads.yieldmo.com/v000/t_tkr/ Frame CB6B 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=fv&imp=971703737330718920&plid=2521236318193655889&pvid=3391854065198792502&fmtid=36&offsetX=1140&offsetY=159&pvt=1698198513372&stime=1698198520680&etime=1698198520680&viewportHeight=1200&viewportWidth=1600&adSlotLeft=174%2C0&adSlotRight=174%2C300
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ad-choices.svg
static.yieldmo.com/images/ Frame 2196 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62670
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
E6X3c0SCBgg6DGRwt9e2wdTlX4qXCm6cb8zRUEDTmpZpTpGOJNlbAg==
5909135346386734207
s0.2mdn.net/simgad/ Frame 2196 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183786
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame 2196 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
cba13e3d-14e3-8333-9613-48041f233f50
/
kinesis.us-east-1.amazonaws.com/ Frame 2196 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
f02803a7c7d1b3807ca7411d32a2929bae66bd3c906fde671160c1af9aea4351

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6825ec67f9f7a09ddefc48fc079581fc0c27ca174fde0c73f69edcabc671f9ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
28c55c3470ca1b802ceaa0f252d4f4ff96bc1bf0395b4ccba80418b7903171f9
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014840Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
df1108d8-2830-3c9f-82a3-7ee123f080fc
Content-Length
133
x-amz-id-2
qPSxkx6Bp9ny2TpkB68PJ5CvVeQZ9yUuRuvca8qgVbbEo4/9ORLDz3InwFqUbDYV5Jm2rqXpESjWRXEURHuFR3TN06HpA1yF
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 2196 		0
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.19-513&imp=6341099763066480723&plid=2521236318193655889&pvid=3391854064695449113&fmtid=52&e=16&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM3xNZrBFDTKC2caJOwdahsHBlopR3ueAlY-9O5Bl3I04_31ZKzO6Y61K6mpoSiubG0N7R84bE6vcYNoLpNtXLJFKqkRSzZL--uu7Ik7TBKU6aYR1ihBGETBEDXScq1Hs6CKnbtSES5QdNP-K6j1Xr8Og5kd99TgnkcOWnHVyXEOXKKWvcXvl-Adh3-UKyN6pEu34u8sLn5NnnxgaIh_pMCuSr37Lvwu1HkgwmXDCGNGP_Aj6iPzQQBwKSDkem8AkNaq3J7n2m8owSvgONuDQhbxZ56piU5qxfxsu3uoLRoa4O5_4JVI1MYTBJJQN5k1QjQ&offsetX=0&offsetY=0&pvt=1698198513312&stime=1698198520938&etime=1698198520938&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:40 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
dv3_native_client.js
pagead2.googlesyndication.com/pagead/js/ Frame 63B0 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7960
x-xss-protection
0
server
cafe
etag
2243287812070980505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 01:48:40 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 63B0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3trgBjuOdk3T3gD9l8Uqt7zpZqIPkqxb5-Yp72HRD747OZpdbhES7MnAT8mZp3z5Plf-sYbbUm3EUG16QIhcxh9R0ZQ&cry=1&dbm_d=AKAmf-DLXiLd2lkXiEI6U38TVCsfw-38DCA1LNqbgkkNheHpvGddAfpSswg1vh50Ny3WtMZm19fccuae8V5GRwszQN1-62_ODo6Z4_NzLuiHAdPBPsjRsKjHpo5h-QysFjeqIomyZ80lbQlt21idE58gnblicRKlZVJzGC3iWTIRJAfRz52jVrdylQaHRLKlSSKAsNVB_Logykb893IkyL-5rIbveeDJvJsB7FvyBQOrJ6dtn6U0BtXcAGCuK0npr-61uqO0QTNPTiIEA8TvYFphx8bhmgcfA4ITVJoEJJhW5ROgmarXgpCGo7lLQeJKW-w1qfcaGfVS6RcofFZBFzeRM1bBnzo1zbVnZbZUeaJ7qWav3PiIL2mQvWdxVAVnR-U58zsx0RHK8nZxRdImXGdayK45uWzG08BlepA68_diOH_7TISUhBxOga_YkEqLHPo1WD37ZMqPvwy1G_qno-yYWHkXPZCObvrwcQzlu4c_eY0EDuMeqAxo9r26iMBCu14XlM7w7AHFPZK4mtnCcwggsY5o78SMAXVcuQFi0KenXnrnj6L29HWfzR3oZ0hVuR20KwGiEPkKunTJ-WNnUCKXFE1iicOsGyWb4OTRRbPV4zRFqGhoZmQEnEAEVqWm3T2qY6u3__ttxnUm4ODZYh2hU5Ha349dKffnrUijh8ircHsvOeK_F6lSPRb3kITnHkn6jikdhTDOKRpF4t2np5AA2Cbl6uq-tTydCJ172Dd3s96jKZVZX-0ETGQK_g11r_No47G0aD177wT8zg4Lg1LmXSuCEBamPB-6wYWD70fyYlSUk8AZ2aaWcbqzNs3Ky_OAQxodDxg1z4NSNNOJZLFtOTDcoMSkTO-olK8eJ4IfLvxpJCvPQtUEgkliaPnfrF7LF-_jsNeAGX3F-FxbwM92SMiqPTJx4pzNvVvjIhOqcix6LnB9-6zqNLQWzieZQ_-eZ7PXsBbr9QrO9DnAEnl_TQln_S5kn8pEgEE9ijLKH0o3KEz14QGFUexq4v098Wbb8qA01gh4fBqHtJO4ChHMeJXKdt0yAW1kHsTcFAD8YH7ibWaFpCo5LhB1ZAqJ2uhp1xFnJokW1u_X5OyQzESj6dq0wW7C90SceqzGz-rOYQMLNaabJOXCY5TYXXhKhigi9hCVXOU9ZAO828XAquo9AMxMBhvgJaR8H6lDtJ63VkeRyuGhTTjmBYLeMH_hMIHoe--6_crUFDHCo5U7cBoh5_b8d39Mzb1boGdhApPGgMLuxOxIniyBxB2YtPDEUHK4Won2BAoVdoMtK8A1PM0V9O75874LizElr_xQo5UT985AWEIPST6N5Y2AYCvDLHlp0Ic9BU3w8ZhJ9IxD5Li8pCDLgBYgJiu3DH_C9dDpco4SuFAMcYPma9moHZpnuciVsCPAcTE7kscdbsKePGYrJmZ4bs9jZgH5vVpz4UUV6qKDFBX8sPlDOWWy4bo0TXBkNNSXG2Vmb4ECxnfaoheOj9MnOxJyeNwNC_v0XiHng5lPLvDMXsCM2aB5zP5NBMgPwKO3L7B_ndEpn1B25BzWiNUUExADJBsGHndYbYE-uqznfvHXpw7vnefNiN72OpT-OR9h8o8C1AiN_EIBzOCZKlMhEY-0yC-pbuYUBMyUyupeJ3qT437eLk0pwQCT359bVBHNMOUzUSsk0k8xBvc7yR7emJRaYe548aZhKj-Z0rHZhCnYTaGlNvkeBlf2csUwdJpGn80i_d2dK_mAZxWvkLAnrevwagzSbuPviXxpkxipTZ0bYsSGZ7XetsajRYJK-vLGxuJL7bFN2GKOrkW6JvwXAQ1PoJK3m97k5JMmQgna80ADX59IYvNEkuXUmCjvUbS21fT-aUYP-H--K_UzuugnN74uE5_mbTuh8R936Y1OdDDdhzsNght5I_u4zr5BoDwQ0ZC7YnyBSRVUpIYbtnvRdBuDR95oQp6fCnIQbtRodVh9XEcdzYnW4PLL_dmQHXYU-NmxyGIS4F9BHLsmCemq7r0nJ1cDMMHU2JvdR7YPGMUpVTTL0-0safGz6kK7e38PPCGXkmgGyOqPsz9rHsto5cmGeRXHdMlYd6ylOO37yCHzpQviSWtqBV6diTN-lnoTrMAWpXbyuNJCMjXArdlfpF5gFHfsafvB_AKSqMHkbTVRe6OEY6a3O0I1cCalJZX8hkGPhrOozJBVqhVogxVoJfNxI8UtUvZ_chXcBoHJ3f-LxNM&pr=67:1.673732&cid=CAQSMgDICaaNOGxCP1HnQdlpumF7M8LTmDgKr620tU6R0akfwFk29q5z_UKVcFmXpOBxrzmlGAE&dc_exteid=31326233362431500107472687681522756&dc_pubid=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 2196 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=49923dc1d792185a7386
Requested by
Host: 4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
URL: https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:40 GMT
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
IispctHIvgiSNVDhPV-CnDktrmbXAt4wjMobPXW35F5Q_RfwrA2a7w==
ad-choices.svg
static.yieldmo.com/images/ Frame CB6B 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Tue, 24 Oct 2023 08:24:11 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
62671
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
OyPUTXy66FqEoj8_hlgAj724R315c7oCdT3rFfeYNBZh0GBiLPg1CQ==
5909135346386734207
s0.2mdn.net/simgad/ Frame CB6B 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5909135346386734207
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 22:45:34 GMT
x-content-type-options
nosniff
age
183787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
756017
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 22:45:34 GMT
11060333927620269952
s0.2mdn.net/simgad/ Frame CB6B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11060333927620269952
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:35:20 GMT
x-content-type-options
nosniff
age
180801
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6846
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 08:48:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Oct 2024 23:35:20 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
e8980f18-cf93-1a50-b52a-7921c453a633
/
kinesis.us-east-1.amazonaws.com/ Frame CB6B 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
3b07e150d00c5c8dd931c22db701a9332bc4c4655e2583df055d6068f597fdaf

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=d7ba485fb7022abfacbbf884379249585017ac1f9c3b9a4c3059f913cde254b6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
ea54dd02a73f4846e5059f958aaa8304a497e73f8350ac330b243ea5d4748f68
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014841Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
db237c7a-3e07-adbc-8691-0a4335c711df
Content-Length
133
x-amz-id-2
LzLjFBpJ3Zs+Q4kfhY8QTSz8+TFCXbOTvbqMXiRcx7QV/e1UfZ+j+RKhyBguta7bMWGuqiCO0DxYvAD8MM5RRMjDpKu6MWbg
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
effae628-9af8-f9c4-b248-901176af93b8
/
kinesis.us-east-1.amazonaws.com/ Frame B86F 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
8e0d223c5ec1242f5eb93780e156e69dff0ec1964a99360ac6c9848fe42f65f6

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5c5295cd87a73c90742ae2c6a6b3455d949e111b240b1925e9ce875c3a61362f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
af527cb5f6b76030b26f8e0e81314e20587a465a22cca555f9d5e5ce81191263
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014841Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
df1bdcb2-2bdc-adf0-82a9-aa8ba7869653
Content-Length
133
x-amz-id-2
XR0w4Irygn+R6HVW33JtSR/eaAz5iM2O1bR6peMs1HaJOhkNWu1AYoKXGIyMQDUUfhAbfGqTXY5iP99jqQkVw6A9VucHWlLz
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B86F 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2148&fver=5.9.26-F36-46-52-54-59-B491&imp=580290357895281548&plid=2521236318193655889&pvid=3391854064368320052&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513272&stime=1698198521224&etime=1698198521225&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
d6afc997-b391-2a33-8b1d-bfae3fcb1190
/
kinesis.us-east-1.amazonaws.com/ Frame 4BA1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
fdfa81939cc26e5347ea4be77b50d6cfe1d914576a94c78188326f87441ba27c

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=036c61bb46e872b465bba12daaebbbb0039a12e06827e61754f07f4245574f47
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9d3bf2d5230590a4fdb101b7d20b8f23c780b19ab1e1b35b53e62e88b5202746
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014841Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
ed862092-f1d5-2921-b034-56ab1d82435d
Content-Length
133
x-amz-id-2
odEsgyeJnmbFKOlY+1LxSK8xWkX5ly2l+ytkT/ohsQO7Y20vfWuyUneu1QMlZczyGFVMARqVf9uYV4S98w5hQk7QSU7/6JkW
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 4BA1 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1986&fver=5.9.26-F36-46-52-54-59-B491&imp=3723038705133902904&plid=2521236318193655889&pvid=3391854064443794120&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513282&stime=1698198521239&etime=1698198521239&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ionicons.ttf
meta.cdn.bubble.io/f1499272922381x868922997266054100/ 		184 KB
185 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meta.cdn.bubble.io/f1499272922381x868922997266054100/ionicons.ttf
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/859f03e86a2ace26ad184e08d93a17f224597b3e5ece0a4e9df350eecfdb4930/folkd0612/live/index/xfalse/xfalse/run.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer
https://folkd0612.bubbleapps.io/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
x-amz-version-id
xuz8RpJkqRZidkYFNofgAtkL0FYn15De
cf-cache-status
HIT
x-amz-request-id
198CM967F4Q3DYXA
age
840066
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
content-length
188508
x-amz-id-2
MDCTPmTVxDQDuPrtMOL4JHg5rpduSLtQGYyuBxj8AxdH0Ak/NPKAnYpqd8Jm+EDwnvX61R3g7Pw=
x-amz-meta-appname
bubbledemo
last-modified
Wed, 05 Jul 2017 16:42:03 GMT
server
cloudflare
etag
"dd4781d1acc57ba4c4808d1b44301201"
access-control-max-age
3000
access-control-allow-methods
GET, POST
content-type
application/x-font-ttf
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public,max-age=290304000
accept-ranges
bytes
cf-ray
81b6cc77af1524c4-ZRH
frg
folkd.com/ 		5 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/frg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_js/bb69513326a4cf815c701781bb1d8eb72447acd3929928680ecd142f00d24cb2/xtrue/x21/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1698198521296x234213370528522530
X-Bubble-PL
1698198505982x809
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk4MTk4NTA2fQ.kOAOzX8So6TawJm4z08psTzbFURi4e8DdruBW6Jqlzk
X-Bubble-Breaking-Revision
5

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":11.8,"percents":{"top":{"bubble_cpu":22.7,"block":71.6,"capacity_rl":0,"other_pause":0,"pre_fiber":6.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":19.7,"fiber_queue":4.9,"capacity_wait":41}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":403915}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.006 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::b4fmr-1698198521322-3df28970afc8
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTeb%2FP3WSKa%2Fu%2BzCEOOgc9L3zp1DKwr8m2dsUxaXGr7rUNEFeVuN3%2FP%2FZq1JChMOxqQHcgoQ4FSU0Dgj5JtGauJ3NlX1NwjlypX%2F92H4nPauMVjIturNkQhmuH8wUUGdNmJJwLy5fxoMjyYjFVo9QPoso3Nado96pyrHnXDkdVqAHEiAEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
12
cache-control
no-cache
cf-ray
81b6cc766e973aa2-FRA
x-bubble-capacity-limit
0 ms slower
sodar
pagead2.googlesyndication.com/getconfig/ Frame F8A4 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3fc909bdf81fe43f0893d0296d6107929c7f6edf3fd7be8eb70a8627e67c1821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10405
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 9EB9 		60 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
74c6283dff31d9e0e771e73e9e1a629597850b3d302a525bc8ce26f9147a78be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vwq6BeoRENgIsO1mX5LGBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vwq6BeoRENgIsO1mX5LGBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3CA5 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5890ed246ecb4bbdb9e708292f435eadedffbeb0823a33e9032b32ddbb36610c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10305
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A47A 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ae97179af3e99851418e85874ce2660a409b526b13ca6cbd4ecfde52dfe7fd6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10407
x-xss-protection
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
eeb8e4f0-e227-adaa-b30a-92c9e9e711c9
/
kinesis.us-east-1.amazonaws.com/ Frame 1DF2 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
e58a78c1f9012ec56ccb67b81cd9214a6d99d62411777fc6d23df8a652b4f4af

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=d852087b92d13aa27e916a9d6edf670a4f407b8aae459ee8568f9eccfdb7375f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f99cc2a01d9b66a5b3d7a51b966e432cce7c8aa213c20caa73b999b697526583
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014841Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
c1702b7a-8aeb-c157-9cc2-5d43812b7d34
Content-Length
133
x-amz-id-2
2dWJQq/mSUrKhLmGHWPshMqF3cDYPIOrUXtlNlkpA2EnxhM9/lMbHr+ZqGhtPuizWeZH2C9I0uMk/T/P2F6o6RU4jf+NAdnw
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 1DF2 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2107&fver=5.9.26-F36-46-52-54-59-B491&imp=2502587597932613978&plid=2521236318193655889&pvid=3391854064334766635&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513269&stime=1698198521535&etime=1698198521536&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8A9D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 16CA 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f325934d414a5e7160a44e39cb94519ee59afd3c3059953382e294eb23f84e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10221
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D890 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c6fea9ae5d0f7f62ee3066f24f1e70d25c34d3dd9314ba4040d133d249108991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10316
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B496 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a5884800b68d88edf5b6f1fb31039142c6484dae9e54f830598f9388d5d991d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10300
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 61D0 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
73eaf94360cbddbd2b9f3b52dc297f39044e63f1e696418b3f5431876a90585b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10205
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 48A1 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6a43b79bce3a24aaed996e86591feb28c6ec3fded2c40b64020895ac6bed4ca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10231
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F8A4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:41 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 9EB9 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:10:31 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 9EB9 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 19:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190291
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 19:05:51 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
c290025a-3309-4150-9f22-746338c9fd33
/
kinesis.us-east-1.amazonaws.com/ Frame B30E 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
0fd8a7f6f01df027031e5aae6e36581fcd90071906aedaa8cc6e8532b6ce2c95

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2f6ee7640430cb6015dd1c3a59a6d59fafa405d61783e84a46bad29074af3e7d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
359e89b87b84b32ba04d24c3e9c3de92cc79a8560e8d76fc71dbfa83dd137347
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014841Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:41 GMT
x-amzn-RequestId
f9424b0a-bcb0-e1c1-a4f0-3d33b7705da2
Content-Length
133
x-amz-id-2
eQQlrCNLMNBvVDzdaZ5DkvxcIpVx8zHsJoV/EoKSaOos+RnkelvTVr5zA7D2D+XWH1nVC71sxaM5dyHL1AQSt969nQIi99QA
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B30E 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1963&fver=5.9.26-F36-46-52-54-59-B491&imp=5017925011047541814&plid=2521236318193655889&pvid=3391854064452182730&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513283&stime=1698198521657&etime=1698198521658&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
sodar
pagead2.googlesyndication.com/getconfig/ Frame 63B0 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cc9859dcc936d0602fda9f8ecd54792556314b99bdeb8cb4a9111229c8386a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10252
x-xss-protection
0
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?oz_pl=1&sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&psv=2.109.0&_x=1
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064443794120&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064443794120&bt=programmatic&gt=ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.tas.yieldmo.com/2/2.109.0/ Frame A219 		145 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064443794120&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064443794120&bt=programmatic&gt=ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c1ad25ca9ffbef941780a3a94338ac4ab517a727ffed664d23ca811707225957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 01:48:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
46953
Expires
Fri, 02 Jul 2055 17:24:58 GMT
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/ Frame B74C 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/postback?oz_pl=1&to=3&gt=ch&pp=2518831497914294538&pv=94ad508b-1209-47c5-a0bb-e1a453030789&si=2331256393946538634&bt=programmatic&ci=518423&ti=3391854064309576353&de=2&di=folkd.com&md=1&dm=728x90&pi=3391854064309576353&dt=5184231558719353398000&sr=yieldmo.com&psv=2.109.0&_x=1
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064309576353&pv=94ad508b-1209-47c5-a0bb-e1a453030789&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064309576353&bt=programmatic&gt=ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.tas.yieldmo.com/2/2.109.0/ Frame B74C 		145 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064309576353&pv=94ad508b-1209-47c5-a0bb-e1a453030789&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064309576353&bt=programmatic&gt=ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c1ad25ca9ffbef941780a3a94338ac4ab517a727ffed664d23ca811707225957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 01:48:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
46953
Expires
Fri, 02 Jul 2055 17:24:58 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame CB6B 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=mrcv&imp=971703737330718920&plid=2521236318193655889&pvid=3391854065198792502&fmtid=36&offsetX=1140&offsetY=159&pvt=1698198513372&stime=1698198521762&etime=1698198521762&viewportHeight=1200&viewportWidth=1600&adSlotLeft=174%2C0&adSlotRight=174%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:41 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3CA5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A30C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A47A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 16CA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B496 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D890 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 61D0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 48A1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 63B0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:43 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:43 GMT
x-amzn-RequestId
c5210f43-3046-e7d5-9893-79783b865bb6
/
kinesis.us-east-1.amazonaws.com/ Frame AFA4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
3946966eaef86468160c9c58bde2462eb611e800234c28e1a7996ab11dd9d023

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=bbfa8f15a74d53b3c448b6a68c0048b88f407620b472de8022c703cb7090366b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
12c92608c2307fcdaaf8d7771626d1d283135afaa4fecee2d5d42adfdfaee16c
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014843Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:43 GMT
x-amzn-RequestId
c9ce3cff-f169-1e9b-947c-4ac4faa9a2f8
Content-Length
133
x-amz-id-2
CODJ8rTm2utP2p5wA3UAMTv+vq3TPt08OyJyqfXMnpqnXOr77c4qeWlgEuj7FZUkyMMVrMTlpGUeQnVaCmWhHevKsxptsTrJ
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFA4 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=3093&fver=5.9.26-F36-46-52-54-59-B491&imp=2421604430217905987&plid=2521236318193655889&pvid=3391854064309599779&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513266&stime=1698198523070&etime=1698198523070&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:43 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E9F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?oz_pl=1&sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&psv=2.109.0&_x=1
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064443794120&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064443794120&bt=programmatic&gt=ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&sid=AlPgIMsEEeOpQ1Bu&oz_sc=98e1d01f29d32e95859b5e02&oz_df=1698198523188&oz_l=3578&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
kinesis.us-east-1.amazonaws.com/ Frame 04C9 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
f01da9843465f6a375f20a3e291738fca896eee06fb2003c2c329007f0de594a

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8091889b722c0baf27b314fd6e66e60e916e4ce1aa95bfb9cef00b17212ec40c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
7e1f20b5eef2e83865f06dcf0fb26080d5de5e6934a3285b6156b0b9633f888a
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014843Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:43 GMT
x-amzn-RequestId
c09b7449-7857-d653-9d29-027273976a30
Content-Length
133
x-amz-id-2
vlzaVXycDvX0okIB6+tRWahwnWdAtZbynrZhlCgNmpKxdDDb5w5BOQ1WOSFmda0DesnMW9rc32n7X7itN1GBBE/s1gm7SUaV
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 04C9 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2946&fver=5.9.26-F36-46-52-54-59-B491&imp=7582215074896992146&plid=2521236318193655889&pvid=3391854064309576353&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513266&stime=1698198523192&etime=1698198523193&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:43 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:43 GMT
x-amzn-RequestId
ca8efa28-183b-023e-973c-8c1313fbbe5d
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/ Frame B74C 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/postback?oz_pl=1&to=3&gt=ch&pp=2518831497914294538&pv=94ad508b-1209-47c5-a0bb-e1a453030789&si=2331256393946538634&bt=programmatic&ci=518423&ti=3391854064309576353&de=2&di=folkd.com&md=1&dm=728x90&pi=3391854064309576353&dt=5184231558719353398000&sr=yieldmo.com&psv=2.109.0&_x=1
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3391854064309576353&pv=94ad508b-1209-47c5-a0bb-e1a453030789&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3391854064309576353&bt=programmatic&gt=ch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E5C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEAA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/ Frame B74C 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/postback?to=3&gt=ch&pp=2518831497914294538&pv=94ad508b-1209-47c5-a0bb-e1a453030789&si=2331256393946538634&bt=programmatic&ci=518423&ti=3391854064309576353&de=2&di=folkd.com&md=1&dm=728x90&pi=3391854064309576353&dt=5184231558719353398000&sr=yieldmo.com&sid=AlPgIP0REeNcA6SO&oz_sc=d608f14b84549cbdcba9091e&oz_df=1698198523304&oz_l=4912&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame A30C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
4fd69777-4ada-48e9-aab3-c80d5e98fc9f
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/ Frame AD20 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/4fd69777-4ada-48e9-aab3-c80d5e98fc9f
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0A6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a9d82a23-62bf-4abb-8591-11a720b5b19f
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/ Frame B74C 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/a9d82a23-62bf-4abb-8591-11a720b5b19f
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
923103be5e49e9b00b94c166b7f47756f5d7cbda53b4a20858ba51615f7c2e25

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
817
Content-Type
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&sid=AlPgIMsEEeOpQ1Bu&oz_sc=98e1d01f29d32e95859b5e02&oz_df=1698198523480&oz_l=1693&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
59a74ff1-197a-4b2b-82f1-8813b9f6592a
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/ Frame 62B7 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/59a74ff1-197a-4b2b-82f1-8813b9f6592a
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
bbe5bb7b-e1d3-48bc-af55-db7d9b0afd4b
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/ Frame A219 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/bbe5bb7b-e1d3-48bc-af55-db7d9b0afd4b
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
923103be5e49e9b00b94c166b7f47756f5d7cbda53b4a20858ba51615f7c2e25

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
817
Content-Type
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBD7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9EB9 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9EB9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9EB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 15:15:26 GMT
x-content-type-options
nosniff
age
469997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 26 Oct 2023 15:15:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9EB9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:58:03 GMT
x-content-type-options
nosniff
age
341440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 02:58:03 GMT
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/ Frame B74C 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/postback?to=3&gt=ch&pp=2518831497914294538&pv=94ad508b-1209-47c5-a0bb-e1a453030789&si=2331256393946538634&bt=programmatic&ci=518423&ti=3391854064309576353&de=2&di=folkd.com&md=1&dm=728x90&pi=3391854064309576353&dt=5184231558719353398000&sr=yieldmo.com&sid=AlPgIP0REeNcA6SO&oz_sc=d608f14b84549cbdcba9091e&oz_df=1698198523708&oz_l=11886&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
webworker.js
www.google.com/recaptcha/api2/ Frame 9EB9 		105 B
212 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=vm_YDiq1BiI3a8zfbIPZjtF2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
9c3e617505f8bcbeb5e57313fddd9e3f848670a93b06a15bc57b1d658b2b4800
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=vm_YDiq1BiI3a8zfbIPZjtF2&theme=light&size=normal&cb=x0g1iyl3riu3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 25 Oct 2023 01:48:43 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:43 GMT
x-amzn-RequestId
c452a8fb-2e3a-e648-99e0-dec025fa5a2b
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
370f167a76cf49dda2a089846821ee5b544ccf71aab760c5ea6dcd482f2f618e

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7981b314223c8f19c418eaff4cad064abe0f83269a26ada5e042f916412ecbe3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
f8aebead8193acd3a38eaf81cd26e7da8de705d7ce7f936207212da11eb79cb3
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014843Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:44 GMT
x-amzn-RequestId
e9bbca50-4f3f-e22d-b409-bc6c44ff5e4e
Content-Length
133
x-amz-id-2
DituarB6hgFxtxxmjnQPZtRpFNR1cAcNJAaMVEE/Qty4wNlVg9TMbII9SbcaPnGbFXv7lKoxzcJ1U9T39eWmCXBxnGk/Ijfo
Content-Type
application/x-amz-json-1.1
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&sid=AlPgIMsEEeOpQ1Bu&oz_sc=98e1d01f29d32e95859b5e02&oz_df=1698198523792&oz_l=12809&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A3B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:44 GMT
x-amzn-RequestId
cd8a1bc3-6039-d775-9038-6dff6bf96b16
/
kinesis.us-east-1.amazonaws.com/ Frame 2196 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
8ed42953f93b93830f03629f791b368704142602e6ae5101dfd3ef6ae4a80455

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=afa4b5aa00bfec7a7ca0b90830e0d36f4ce7a6ad65df508648083e151109134c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
185dab2cee49cc5bfacd7a88754e07fd79705911106e6ebf072eff263b4a7564
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014843Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:44 GMT
x-amzn-RequestId
d1b39886-7cac-a9ab-8c01-eeba776c15c8
Content-Length
133
x-amz-id-2
hZuQbznz9AnNQH8HRkvWjEW01TQJrOZfqTzKV1kiBN8+SEOWvyrJ04lLTv9ar351PnbwbixooFP951RUYB6HLmNUJ8NuZlDn
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 2196 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=3026&fver=5.9.26-F36-46-52-54-59-B491&imp=6341099763066480723&plid=2521236318193655889&pvid=3391854064695449113&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1698198513312&stime=1698198523962&etime=1698198523963&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:43 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/ Frame B74C 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/postback?to=3&gt=ch&pp=2518831497914294538&pv=94ad508b-1209-47c5-a0bb-e1a453030789&si=2331256393946538634&bt=programmatic&ci=518423&ti=3391854064309576353&de=2&di=folkd.com&md=1&dm=728x90&pi=3391854064309576353&dt=5184231558719353398000&sr=yieldmo.com&sid=AlPgIP0REeNcA6SO&oz_sc=d608f14b84549cbdcba9091e&oz_df=1698198524017&oz_l=1405&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&sid=AlPgIMsEEeOpQ1Bu&oz_sc=98e1d01f29d32e95859b5e02&oz_df=1698198524128&oz_l=356&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CAA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 7EFF 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
6b99c4d2e434cf3098e15685a9e4dcbbdd7afc7cb97f3898f9b3cfc944ed2e5a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g7alB6kAk2EKcWzahXwyeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g7alB6kAk2EKcWzahXwyeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A59 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2F2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A9D 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CNqviLiKkIIDFcVoFQgdVCgPpg&bg=!FRalFlnNAAaMkNwkrJA7ADQBe5WfOKl46QBR9RhFkNwZHVO4YoCNE5n0O-Py-SCgyUcs7Ji0K5JXlB_QNm3sXlh_cIBJAgAAAYhSAAAADWgBB5kDDGzsI3VEqBR9ZAxQ462SMYUzLksXyb190-qudf0g8i707m--R5uvKoR58YQdfCxN0IfsumROleseWTbDXyNS_MDFDIz1CgsrPxJFGQVTIQdpIuexhcxRIsbUdje2tOY5zB31DvZuqA_48Tndsyy8fmeFiA-72fJI48SxBpIJoK0ge-mXXR9o4T_jYAMlWzeNFgDz5wemkMSHIN8inimP-7O1zc07BFWaeah3lydD7CIkgh_ddxs31Y_Qezj82dwWc0bt3Dd2z7newJjvdUUYHLo0m_diVYGGp3kB1fSGnY-8llH7s8bwe_9oWeyBlpq0Zbdu3igCQIGwqDslLiMNMCb0hFcE06OnFhJkceB6i25clNpCYklph3dHks6pxtcL0WQ7yxjKLlfhuxRooC3MUFucmp6l6sghGXlx9Sf5WVn46KvC3mnNvEb9Wv4r2A3cY-TlHEf14XubyMWNJKBYuweOxIF82CFZtc79SuTpwAuR1WQlWZQgiR5CDO8xe2kYCHV_L7CIEQZhcUbE4JynO9roKO4P2ZYxYBop18JxsxPSP1wReWbgI3-FXNUhlsmnp2iqxp48O04v8JynKkFyeXegC9lMPvT3AZ_k_ZHVa8ue3HV8XhtdrohIFE_T7WivQZ8YmuVoT6YRwgBEEUJ8GH8OgjuHVxslmDbQpr0HR9jKr0Ode8TBCMsx6mYIsyje5b0dAnftmxSelVzDiIhvf2HqFRk2uJrTNeq5pXwBuFJkdB_gCLDhvHxQ4rLvp7tJ5UQNwoZD2sR-ybBGvxZ_djsgfL0EKQQSlPjsTa61vP1kQCdt-ci537pTHH5ULJ3CU77V1Kxns_6vVcYsS92ph_j3mvu_QXocw50h2uDhmncrC2p5W2M93HA7mJBYfqrTpKt3E09r4BPQ4_xEJqxiJswtwA_mcYyt78BfoA9HB1iSTewhFZYiNjdAWtXZ5BG2uKxaK0GK9x_eIKko-ea-m80nnpUVWry77V7piMMo7j_IRpu8SwK1jucOm0MLjHtVb_xfj2LcBkNalFo5uw
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 8E9F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 4E5C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame DEAA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame B0A6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame DBD7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 6A3B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 8CAA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 4A59 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 7EFF 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:10:31 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 7EFF 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 19:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190291
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 19:05:51 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame F2F2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:44 GMT
x-amzn-RequestId
e77e0459-152a-ad11-bacc-72651eea1172
/
kinesis.us-east-1.amazonaws.com/ Frame CB6B 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
8eea65a1264a39e7878f3922351e5c069c28ada5e1092f54f183a74f2470ea1b

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e10681c8e81d0d3136a787018235f01c2bae99f1dd87d9c604c90729aad43b61
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
969844cfcb801e9f894bf492cd7c4c246bc4806eb53b3e3ff9a90d9c9a93e001
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014844Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:44 GMT
x-amzn-RequestId
e2a8a790-b954-296b-bf1a-d1acb2949508
Content-Length
133
x-amz-id-2
iogG/gH3L7wBhY1a6GpatA6PHqxJS+MP3puO762bw5CL9UAwN4kNq4KMt7YDVNr23nkJRRORN2bLTLkJ9XcRvQ/HQee6gRC2
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame CB6B 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=3436&fver=6.0.30-F21-36-40-46-48-51-53-54-55-60-61-B538&imp=971703737330718920&plid=2521236318193655889&pvid=3391854065198792502&fmtid=36&e=11&offsetX=1140&offsetY=159&pvt=1698198513372&stime=1698198524607&etime=1698198524608&viewportHeight=1200&viewportWidth=1600&adSlotLeft=174%2C0&adSlotRight=174%2C0
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
pragma
no-cache
date
Wed, 25 Oct 2023 01:48:44 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=aa84aae1-d644-47c4-8bef-3f89ece507b2&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:06:10 GMT
age
2551355
x-guploader-uploadid
ADPycdvOeTSeHk66du2fNq1BXpRu1iH7OtxvtA01QLH35dbJZ5liU5KGDE43-pzq-l_1EvkHxrEEcWUQX9iKLyzeN7LfCZny4mQ5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 24 Sep 2024 13:06:10 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F2660113330141EEAE1DBA79DCC37014&RedC=c.clarity.ms&MXFR=1F83B49711A0641805C4A72215A06A4D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F2660113330141EEAE1DBA79DCC37014&MUID=0573BD532185617B1FD2AEE620F56084
42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F2660113330141EEAE1DBA79DCC37014&MUID=0573BD532185617B1FD2AEE620F56084
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B3E661BB0DAA46649B156E751B2D83F1 Ref B: ZRHEDGE1421 Ref C: 2023-10-25T01:48:45Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F2660113330141EEAE1DBA79DCC37014&MUID=0573BD532185617B1FD2AEE620F56084
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1724e60e561a0235231a5ab5c858205ea4a27f2703ba4dbbb0b38d97ad716e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12101
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 01:48:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3980 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
61553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 08:42:52 GMT
expires
Wed, 23 Oct 2024 08:42:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D5C2 		829 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
565c259cb4f50eb907737b30c1534923c883f2b8cd0d848fb74b4fa0f0f62db6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NEWiqx6wCnh0v5bA6Xzvwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NEWiqx6wCnh0v5bA6Xzvwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 01:48:45 GMT
expires
Wed, 25 Oct 2023 01:48:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8A4 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CLzSkbmKkIIDFdGycQodtaQDJA&bg=!hYalhsnNAAaMkNwkrJA7ADQBe5WfOHddZfoV2Ry5RKQUMifhmKxnWOyb1OsSMOcsjLSl7B8xOGodbd_6kGGZtA4xbktcAgAAAutSAAAABGgBB5kDJVEtFuKMXgJzCK-bE37N1Fo3UIQrvoQ_8EGMESsEZiBxnGiN3ira4FansjlH8Ny92S-JKVQhxQgX6JLH-YEFI255O1C3pAs24R1sSSnHxHr_WqujbQ81QNOcANo-_8l8XL-3i1oFUZn_QAT1jO-1N5iwHSLWCSq-efeWkRskOFapnt0BmzhrJxqEEfF3sm2WFzYF9WRoEb8xqNiA2UynfPOY0ev_jpAxGeWK4q0OMMZ-EsvNN2VS4_rGP-QEu8pBWnQmB0Dpel-m6qnv-4I6Fh58rLc1lfQa1AP223LxUUWYof6V6PT8o_xSgIt69T1nXWi2qBc2lthMA5BZRIkXFAiHkNJMssd1A6XA_89uVvkBxuY0YrpYJYS81dF-Y7DOjqCnfIuoXIczmnTpzeOoAtvsBzTGPPOCzlHyoR0-D36veb3WWlbevOibAToqGDoorwINvRrJe_ObTkQRI1X9DfwZbiLYTAkoqrApMkMmW5kf2LZVNFyo8sFCnWrM11DWwN-MeewO7gXdP0gxb6n6BKrtxAaQTR5usIxNtelQ8uKs0R88Visu3ZGruz0JAI6x5K_EJUGJWN0gOdv8QAW2rSo2IZGdH2XfP6U4hBC-qwYPiyQ1tjTQTFAVkCPIWR7TPqqY-1gzYN6dEYYs8goB4HfVbA5U-x2mECagzTf3a87DRDczClojEWAM20hJMf-mHgF6QPCbLEEGr79uO8AKfNe6fQ06QBiiAu18RiyAvvXRvWDiexgT2WItBq_euPHTzrXbsaztUjpLkDCopLGtsj4BXlF5BWSMFh9EgWvDdwhb7jkjS2Lr6GTxYdw21-StrxwhUIcoTpJdo0vtvc1XzceEh7fELADZGTcvR50jyEMDUlZAvo71qHELcTRUmPuL6OmX4-6WYrNfh2gQ9oOq2DLYvDL14vKWIBBR505CF8TdwuJPEpOrGHPC8bFGJV2jIYSDDf9Alzz7TYOHOH6w_i60l76t8Ny8eOqItQ_vDzNh8xQR6PnVb7CAjuL_R-Dq9JkIyaNxrBj_JdNZT3knbK6YJMWB_dNq091ILzaUZ45M9J0hq1k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CA5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COfVkbmKkIIDFUrq7QodDDMNkw&bg=!MDOlM3zNAAaMkNwkrJA7ADQBe5WfOK0RvMqMOtI0DsPGTtatfcJNqOKTR2YC41lnSq1BcWl5egU8MGxLaMx77_ihpDlmAgAAArpSAAAABGgBB5kDD1lc9rf8qwVIB4DSE3l1vbwWTGOHb7KISYewAJtf3LHo6kjWnfAdGnIAfZVCixceZAbyPV5OB_CEdiqAg3E7ebZWTStTdfHnSm79fKxI0EnC4AA2qIYWlf4QsstXQKorqLfyIj1sKV71ldAZ6sDQS6zqZ-6ZjGNUuVrWvm5ODygVx9YF2ho4NMPmSFpsgyFNHEGq151orGB4TCa4DUYdiVj2LZcXTC9MVnRL58mLodHUfxmV3CnTdWLKLGiPZ4nTxV7zsLXA9vSzTKXlGH5lrNg2e-gFeD8Ao1bl0kyR1A8vS74ReujucVdBHfT4omKsAg1tfhLYNZyMV9QnuHdNOMKlWePcA1Hn4PqJiCYLTLeBNL4DjjsgmauhGMDaXSXFb7dQp5ZI35OUlsOQq7RKaw1yFNDrANcQwS6J6iSYdFPZi5pr4eHmkLm_jLGhLu-t4NkWNZC4IQijHudB9f0T9BkC5ajJ7m7ubb_BiyTXo0Fsm0Np-6LzG5ZI39anEAn43WOy-yR96Q7DWNKsopXyJFURGZbNSTJ2kh1WXy31CUdcZ5_gw9_JxSEVpetuMtYt-6uZKaWcP77jcEhptbQ3wMY-VDsWl1rx1Kyx5Xiatd8A2zBUknAvi_pmZsJTkdOn41ul3MbzN_5j8yC6B5YssesqNTLkQz-4X0_8P-sKhYz4_D2qJt73-o8luIYRqi8ti6uACDRaLxSJyakrF1ZeGxDTxHFvV95z506GRq0MroJnHI7h1lYjuOazA3pTX7BiQGoHWA171z_GUifzhFhitF6U8ppHvqMpcA4-RkFTCqwNt4UzODJ5dcW6Z_Oj-UXv2u-9XeEeoKipKTholWCEpGAz1NZazM5I9e7qOogS3fQu6by0-OY4viFCxiHTOia38VPYn324Bn5lE_wNGLGGw3r1LV4szJinsaZexCQqd_RlZX5BIvL4nx_t9dArNnpU6DRMGnORi067TWY2JwwpMVDUj7ZbSpQ1PAnFkQIiqiKkvLEVQ2ygTtlUmj3T1SL4NdrYWoVaRrifPmc6akE3Og
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16CA 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CKK4krmKkIIDFdWFUAYdK4cHUA&bg=!nZ6lntHNAAaMkNwkrJA7ADQBe5WfOPJ05C4GpShWl3gXv-_AriQqUd_2au6ToDG4yKRjcrmh6TGP3SfCW62pbXGIUz56AgAAAvBSAAAAC2gBBwoAdpmLAF-ettYbfX0X7ffuJdY4oiLhPQysOomJZlga2QZhT2u9fO1p_IQ_1y41-5p64RhWcWIipsHhLhpCcV0Sj_FS_QrAX5q-KfDlngmnc3hLwUI3JyuZHQos03e8S6A-uh0fg-KcMMbDfyrNxjLdL7TNg1ckZjKZAxgySq2gp_PUJEIfvogLA47KIjHt-Q8WkEXQ7ojPSF53YIhjpWjADpcmFpb61b5cubJrN-k24hkGT4tpdxBOAA0atYi3gIGGFP0u-DptxaulYaSDMAtmhGMkY5M3PCBcwo7uoxpTfaBP01Ar9v7-stJcHM8AOP4GctAwIioHeSf2QVhMS1wO6KaMpQUgJBzTFqa5-spnKspEIz2OCAgNYVdKifKV0TOD6ZcXCRX0fa02ll_FGtX4JNzLzOw0HYNCaqUA6JOBTXrnnHuFotF-Ktzo-Bv7yHOrditH8a5E48SLznml1BshvefzXFg4yCqy4rtTW04zEBx_r29ysrTihpFQTaTlevp6GWUH-jPySDCAlNN_xBZGpSggBPFvX0hDtqRmJrQEJhyZL3UIvNXheBvuZ9SAHO8DdJuV6pxhWSYFuARtLemb4GKdL94JiXUuAlI5e9dZoka8VPAKBzDpXHwp74WxiBDVNLmMih69tKzN9Xif8M3blHbz-u8QOm240fvkB0hJmaHSC7yL2FXopddjuvWGtX5nVd0DkhWSLOCWgkTOZlsE4H2ZA52UNJMGZvMapQspHRA8J4D2zBvkDuLfogqGNJTy4UlWm3Ka4uyATXC5719hBLe5A7pWVwavSIQqN2ZXWfOV5aqhuPSzLK1HbnzNy4G4HxH1xFP939zWbssKZP4QJ19EnOBB194Xo9c1xTGNfig1M7MsjV0x3gYiIl3iBuPounJD6w3kH3wMRa8IddhxHtAb8z2lk499p0UCLcAsGjBcMaiWZyw-r6hLMAj0QQ36IhEdbtOIsSGNcITdeL4CLj29JaJxc_DV5mz0AVCgd-OqwMTU8Nn4pT7L_wbXgV7q5dBOLx0gUvWdqn2fO9O-SGLWHAlk7Yhq5S68b7-bckx98pzXOpjyqcuuAR2NJ_OnZ9Xt101yTKwUS_pMoRhtxzeag9hidegfKJ26I7L_gKPmjyirUTF9IKxTRN_U0rO1NfovkVc3XMLejwyMDm3_szx2C9VzCk0AnZdxAEaUyDQk3P3AQ0NQd24HOLxiY4CnVu4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D5C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=142832083690203&rc=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame D890 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CPTYkbmKkIIDFdxiFQgdWu0NNg&bg=!IiGlIW7NAAaMkNwkrJA7ADQBe5WfOMGr1S9A-cF1JIawZHWzbucmWWZcNErqWEmYMLrJBrLKlxAQ7Y1s9679lZYep29iAgAAA7ZSAAAAA2gBB5kDC_iAFDFM6n31l4ba3g1L2EsEosC71Xu0DGi2M5ClYZbl35IOBQB3PV8KsDHfORitwUj2X0QKBMU6AETC0PyxO8K9xfrRrBJTgr06FZ9NaH189Z_rlIARruR6OtOKG_Epyi-CVAwcfECrV6l-fR9D7n0XZ70ycf9t3rW28zcamBPJgUId_83qgVHR2tHfrk2_ozwDm7Tldp5UXM_66qJ8vu2GUdyhYkjbKmmY9YRfoHX__Xc-2xt1exHV0bwW-wH1B3MxRqkFgCiG7J3POK1kp-hVKssexA2nE_OosTFd39Q8wNBrzA1zEU4s25Gz7jjl8FDmF6iZwHjQ0KYeYh9LJVL2SaRacjT-KUMqq0-SYRQE-5Vs3DSuuqSxsdwr2WFYXJSQUVL-pfVd1UOL2oJEilfEhf66uOpDmbbLQ34W7rmDQ8d5O0f14gfpMN9KlhkGiieIrVvPtnbqNvxLdezi35ZhHYMIzKyyaj1bKxECaabVGeC8fkVjHdt079pRf9SsrGiYfaY3vIYGGg1wY_ui1_Dl6lkCEgMxBKbTdCPIjktOFD7x0fUbWOHjez7Diw1CVthHfayGkM005O4niFEnT178cmTVrhkomKFCOlO7hs4IQz3DdOH-sNh8qMO0OkUWw8ZTHLB4QlsxHP287mAy27FowTm6S6dpSwRu3GOwmop12ccMAwzI1aKB-Q54v7dQgPYLinU4PSjww_LnpZofoPJATKn7VWYL3qoeYXRS-iGPr9hvep0XsUet8kg5k4m8KBwNty39nS-_kZ4ICoyg6uEadYwb0kcQxdGN0PPaxbxZ4MtEhknFvdyluQ-8MPZAwRYZ2rB3a2UuQyvg-tfv2xTJGjbhJ-KRyJMQUxx2fQzkgJ6Ei28ZQHftLUlYALGgCbK5zZFUkTouRFDNsHIvruJm1bnZW0-R_peA52cjK4BVmOjQ6_JJP9P3wFlYSq1nfqCpwcyS0cKzfUkNrddcCtqJ-p7ZZZekx3Xwz47Wa3SpwC3f9Xgo8dOe3K2van--4Pvv531OLdSEugLd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A47A 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COT0kbmKkIIDFdBoFQgdznYGZg&bg=!Tk2lTQLNAAaMkNwkrJA7ADQBe5WfOFgURjTLMnivQyjcSpedx4CxwP4Stq7oduN3TYeqSfDL6lcWJwe4OA9-cbV72o6IAgAABApSAAAAAmgBBwoAVV7WCVDxaHhWnfShnF6esj2XwAkFRaz1s9SNhyehCAg7YF7pfif4j-q27_QLuKHhNofRuVkmIKlrVvuPV7J27DZjtXp8ANK_Ts-A8gS0IcCAZEtueQSZAxBeSdyOuBy9WCKcKJJhuuPn4WpNvf1SgPETzVkQV0iBSz3OPOL-fa9XbQCxhkhyeH5nLXVsZb6sVk1bM6aLUFKU9HsxK3x02bzBYiPjVyArCduB4GNnLHE5rfDkrgI3Sl5IAsHF5lkuRCv6PxFsPzJdM_ldTHPHwc2kzjdJ4iV-GPaxQ8-aKJGABhdIHTG8YXjaYrk-KmrSDTLmHat4MTGlWAbpkY_nNKJ8eylRCELQ5LifPQ-fRbVYstnHWgNj4oq19A0IRzoCcbRO9v9XHNwDVyd84eb7kzgCwwBaUB43_cRO1CalK3c7kxts28P2WqRsLx1fw0rdaOLhWrRpBhdlkh1r1zrAlSA3R3hlUMScL4vjE1M0ChS_0HNkmSGSffa3jgQLMo_8o7M8GaExTUQRaasV3T8HK-NqpfumxO4TE6L7OeyPnI94xFjya8gvkzO4-O3yLcOPEqe9kdWvo4Qrfc5-1lK5VpzNEa2IxAveJ2aJig1J5rjTPhBh8xVIg1FWarSaY2u1il9voENSOwrGgbraaYHk2t4ZiPKf8sa8YK9UYNq2_mWUFfdI4_9241vcLqz8BmH7x3jyojOhNFiarbUKDB5t2phY-edCMEqAJRsywfwJ04Gkq6lR9ViULNdEt01hrfc7V-qyYb4aWOUs5DNtnDlpUNGpkb2GIVmOwpBKqPBqV6RpWeLN8GaTG5Bh5ys4nP_0VePxKOhqwjO8TC8tmaQ_20mpawdsSYedf_2C6e2VC4G8AlTQJYECzBLdmHiST1jxdSfJKYWX-VwrZeyr1GsoOXTMpC-Ov4BsU1JLDmbtkVL7kGAcKZvW0SdReWskjBdZ_ABnmIXVIF4SQMSr31bomCFgGf3BLYTou1-kmr7mlWp7AUnqUZizMedFsiX6EqlEjjJBlaA5EogR1R-qZiHwWU67uRaaDhOzbIK_P5_HqVRc7ccEVcWb39VVymEJMZ3gezUc-taLRgooFOXPBzcfp_Q-rpOaaRGwolBIs1sY2UmTX_JJwZ-7xPp5xamy03mNr55_vLw6gXpx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
s.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Wed, 25 Oct 2023 01:48:46 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
gen_204
pagead2.googlesyndication.com/pagead/ Frame B496 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CN3GkrmKkIIDFQOEUAYdOVsO5A&bg=!GxilGFfNAAaMkNwkrJA7ADQBe5WfOHmfTPJh-C6c5n_8WTaqFsLBngVukHlyzp3fZNNaLlEr_LfW8dzRNCg-2Gk1zuCxAgAABAtSAAAABGgBB5kDHU2JlWFvVw62U0NVRCHm8ULFNMbKYZPF0wBRXd0p0a80ecWYnwlhsimNzVQuh0DUqyDvOnaFigheklENd9VXfdSBCkwztszVoZuXvOknTTtxSmCCNCLDGWqZ9WO2Dd0McVgn1mlyMWX--Bw-1UbdbW3Oq2LcldIn1Kw6NMFwSAPSZUVpwX0tpY5A_H_hxLy_68pA7net-piimb564YCwcmr4OjFMzQSEnEvXJzrUfrFj1epfA2W8LSh_bwaKpu39vvW7ZZEaiD-K0Fg_rtb0TTLPoQNqmxSmUzXhqY-4k727jF8G61V5IGhqRpbdDlBzr2R3OkHiQ6h-_RVqao-fXAi4qkdEPeGOZo0GL965Yl2o45mEbmgQ-NeCw8lP62UF9mdfqDo_1D-wDvImVpZu8ThTbiG_2RzIh1_uL_0oYLFnbUp7tRjlv_YqR9IIxKjCPYe9gJcw0WCmTGNBtc10aMX_3UMMsxsXkehSV3tXTmiTCCnqdtlzuGBVOaqrMl1K5cC48O25GDUb1__nzspnl82zehYJrUMHqly4rAXU_cWVxZcKTjtgTcBPFWEy2-W0bGD0PuGqEF9CboioE5mKVWFrdulX6ZdHBd9JmEZ7Hir3YVhQdxH8tLV1kK7mHeQV5vfHA2SZ2wRSeaWG45nFXTMf9DBpqHIJzwA6SZlozpZN7P32WnjUC11WUiyVS3W5KGm2ihIJRzP4OxGJqz44rUV7ySlt7dEs-_hn3ecIs6GoXmZSU32kjT5gron3oOPykXN9fbdtUqbQc2RcNopcDC2HlPlM3fvqsJOGMaw7eoc2ssnt-fahd8atO-FqrNLCypt_1aBqmo4QEm2Z4axuR_MDGWWmrQAdNd9AyGbWZfa9HdsMGgzM3bQ6yWOzgd4FgfX4bYC3yZytW42iQb_aGxl-pSxnYi_zMQZ9PgyTRnp_l1WyE3eUezy-KRmJkB-7l-Z_-nlLQeLobhHj7ydQ6I7tPAZEql2hNWKEYlDgdT1MdVi30SiaIAyuGk1PsOP-u7zUzcviAVlUmAnkkw1xzR__uD589bC4ZsDNvaGi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 3980 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 22:31:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 22:31:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61D0 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CLnIkbmKkIIDFU5AFQgd-MkF4g&bg=!7O-l76DNAAaMkNwkrJA7ADQBe5WfOAr5xmKP0PA-t95mc1TitYRSmVzKKTY1_Wtrky4by3WYUDru4YzVhHhcxWcQxdQZAgAAA95SAAAAAmgBB5kDEsJrYExmFGwtbAgJN0F2WZeBfJuc6plv3GxsS2gvqflzmoGanVVHKkbcsP3191Ud4Va9M7qRMmgELbyF0umIVX5Akp0WxyQZmhCl9EpwV_evJs-_HFaFcWB1_kKU9Sie6Hpm-yBkPYY1rDB5fZL9Jt7RUvIu9kNsqwJsmgCsNBY5SJNbeEe99Lp2H6oNXzONYGXOat3iNMGC4_y7GH8ZV0QhNLajh9OVeaNNwcBIb8PCG2tBneoeu_ddszclw3HLchIka38ZYQKvx1-656SJREx2xHvH-lNsJUW_XkGFa8p99q9nxRqIF7FzFgymrEV6yaRMPxiMA7NA9elaYBt4cH1vATVUseXRiRrIrbEvf8eKCISlzQV8vBgkv5TZw_nhoPQ9UkpZoErdal3zGnoFM6T8ruXy_BuMHRcunAgkNEZzdGN9eHOxCsv6UJymfMXI80TZyfhp0oFJ_ggQdiS3t9D7KsZnjmvSIPV24dKl6BadLNtMzxLtK3oX03GEhDGsyO4mp4iBpGlrE6bxGuMJSLwhaMCnZEaRgUo8CZkUVwMThoSkHRvJH9OmTbkHZvF2eMvbBBTMUSO2KaXnlefXV4svNP9o2-u7t9RnrwNhs1KXKtSEoF4I2HMqtrSnKTuRmFkkRnWv8S4zF0BUYFqRfNB6wYYdsalHZREof-KkumoIE9yT85G1paQ7Hj16U3FugV3BV5o3RUi7KiMuCSQ4dBhY1LE3z3SlAKkAZ4edJO5sChofCAPJTMUS-XKGaGdOmYj1u9WEY1xD2SwLkr8t2oFijPYRHB-zCbZrJ8lDXiuUZdwGeY45jeRxzlQ7x4lxB317T5CIe0hWDZkw_UF79i299BcZXXxiG_CycqGFfDhSDXbXcXsl_BiLKsbrsogBcBcFixU4060Dkx9lNuvAfU4YbT2p8AunFb10q6RbIvpo-TmtU71ypBKYjWm62emSbIuO2Zg-WEBydGNbdauWxfjYP5g0PqlDcjBTx-YHv6QELUMTFk3YJPsmTfsHDtDjAcVpyESEaYS4qgfWgU5VDGRxLg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48A1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIjJkbmKkIIDFShjFQgdd3AEbA&bg=!0tGl0Z7NAAaMkNwkrJA7ADQBe5WfOCnfxllNiLf6V-SW_5197JxOXwPzXZStDbJU75p961tNAJqZvUMK7yMim_tLb851AgAAA8pSAAAAB2gBB5kDCdIqd4YmWJcgAjFxPdPMnxJwOlu7_b0r4EABwuyb6aEzYD1AaRuQmibjVo3XzpcDydH9bib1XaZBwTC5NoWK-8CbeET30jrsakFs_VL9OnW7r3gYcxYFF00X6H4HepvjfcTCQSMkG3pbNmpfxvr3wgfyOv7AUqSAuEg_FFWNfInr6slCxX-3kEUtAk--t0X96eBkndKDgr0JLN6u9Sg6HNcoohxLo0B1NhsYEgTr2tkaRkHcBOWL8sJqVmmiObQ_QsIErHvXyPE7KZ_McmOWwrLevuRtKhOsFLAB-7P22bz23aTzDlegz8JxQY1rJFkJcnW7SuU6IA5f6SHC-5XknNdTjj5Ki_vC9sPJISJ9oHtIHPKu866mLUR-agObbY78YVEg5dzrSmUvmOzGZyCkiExGGeWRVwomzqFS9OuYzO590uMqSjb7MT9UggWaXo8P4ClwyRocIDbimV0ES1cKUXkFt78-vGu0BccFxPWzk_SAd9w2Dqt9I8-nGZ8kYpDVFFNNAbGSjzZbXHDEpAu_cVrXKyI45fKoi_8lxKEtBYcY2b7IA5uBt6aMI7arIYtn5jX-ub_sRuAW1ycvDDtQq-ePl6VFo8RJEDaY92owFQTxmoSBlLZ-XxH1DImpczwf31oTWdFxN-DJUnf8YTOHPQVRF3bOrheQ5uUXUf0MxQ2G70QgRHd_pyw1CIHZTx6494cHfRTEuTNiHNKj77KfXlMgL2JgkCYfRcsRFnPryxxn1npI-M5jjzADB-sdWxby_rzPOxbREYd5nsC4CSxBG1E69owgrELmhRAJV8rmwMagI2bbNuE3LA-4euuSPe6kXZrooyBEJzH7BpIHTrSfGZucUxW1yVXCkKLDFWcw2W8WNJTB0s2DA-fnAO1kwAG9LkOHZAeRWM6J46JTG3nzDten84wxUzu2tnveOC6PHmvTeyXJzcBEgM-d2U3EJE26-UKrdiI5QxuLZPgEE2-e8q4IqepCuZPj7LNeBSGc87o3LGjHnbhbZKIkJVah0N9fN30IIVj2rc6F4g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63B0 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CKe3lLmKkIIDFUlfFQgdpUMNiQ&bg=!T0ylTAPNAAaMkNwkrJA7ADQBe5WfODHwERLt_Qst-ZlYuU6AiFP6NEduXqvSpIbS6nRZFCSlAANrND-JHCvNFpbnHum_AgAAA5JSAAAAA2gBB5kDFJkcCWK22R3dFySJ8ohWYahGnwM6H_dQl0gdsf9NvtqCI6eHpOab4dJn1WXpN8gGUpTumHEZQ7azzYt28NYoi-9WY1gPXW8d0N7PnUyOxsfyZmvyq-w8nQD2Yv7_HUQBrY_UoJbZYMrs7gnuEBZNs7C9rSCCY_9v55th-EEtVbob2Ddg2NU43fz1ADicgAgdgxXAL7H_0RWbRNKSabkeUn7vNnNppqZtjzh2WRSd4lFZcb6M9p5qs59Zyxt3f2INnrdO84SrsCJ-6ueaYHOzvqvJlWAE89B8RxXTWXFc339wFfZE_fvKyFgFKbXWJvuHKP0vWTWM0l6w6L53sXfHhANcGGUBOBER_gae4ObBErQaxJrHv9qVEf3nuR3ckeyBwvoAUc4a5Xas73jrqsoD_1HwaCTChlnS8JaBjh07EUUJPHoOJOL69dAHd8q1F4gtoRqrPCxNFP1e2-PfYjR1rPq9ckzVNg8RdJiWSz1NZ0iMijhCn5segP8uPnH6dzMf7szDnV1RzoUPYhxDg2t7JpIYKoOIR1EEtd7v8FwkysGhn7XLycE-wR0p8Zqt-V7TeeDGHAxEpxnJCHsLeEtNxeQqwGpQl15lkuOI9dLm7xkWSJO7SXZ3SAmQa-C_WQQzjTmykEdGQ6xoseAIB15oELFF6aNmdV_XozL62-fXmd-lySh9RHv_kSecz93gh_NoBRBJba8gkKcMav9RkNbcuTmpImpgesHlHZHoao_kLtQST411OUvyOUnWqFYBvjFWbd1W-8jXFu3-yk3aWDnvG_dPiJqtTfQ9JZKoBPUwY2Z7MNMHj1DvDt4-JMIN3Tk1Y_OlVZV7GX8CI8wfG9Yr4ZbdxKjoM66UW5Dk2KYOTcOX23seo6Jbj6IF527Yuk_cauXCw4vYHDRH8OK_ovcem_ORmg91O40_DaMad8nNujYRFM2Uymz0B7tjIQ7T0YWaKDxBjvwwDjBp1qD4zjD3Eiq0BYGVLw_brGN4FHTfkF8e5VwxtYma747-vnsndN_jkUKAqkRdFnnPn_W3ktG7wFUKg3bU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 01:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 3980 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?q6hK5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:48:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=142832083690203&bg=!WFulWxTNAAaMkNwkrJA7ADQBe5WfOB-N0Xgb4JiAGZR29vlehnKc2HXudsWMhvzpaA-9AskMoFfi_cL4q_I3TulOOi83AgAAAMRSAAAAC2gBB5kCsJZ39tI8h1hTyRdHA1fAAnAUDREhZzB4AArCCOfixJIPPPKCUgY5aEEwTg0cKADY_rs7TO5l83SjLV-nSakXCzVIzWE5mA5L9MW9ZOXVa_08mswgIhKpvAP1x32lIvmgkTQ2WXRj2x3cQrSyPbKYuAkQZrYDUv_JXQDkhQ-wvfjiMDg7sIy4cq4zey1YZljLtAWFBZIIGsqYlIq4liJTZj2_kzYAaYaNMnwf2bNKmNdMEpb7x6MbQCscm3whh2xrHOXUM3sjOyOCzm13rJAzOmiEAU5LSIPAw6wvdBvaznit5u2FOhhREPQ7E-uh-Mg9JzXYJyE7d32upUxe4TpMEZKzgfmqPmL1Gr8dOjSfzjw4WRQjzORQFYaXM4R9eyYU_9DcqslNgy26Rxda-PLfdwS4KZtTvyquso8tw1QRybn7pP-JnyirsuutnyE_dmRtdz6hHw6HVCqOE4HcY3K_kDlc3HiBHpTVs5V2xYk9MByXv6CL2TZV6RMHdz7MjugIREeg1m1CLc5nlzmQmnfMXqu-wXUEqO9MAMcyqpjmJinwr21mVuJqilxFhCOYh-xZP81L5LEPxsiwz8wQe9EgRZNqP1RjBLXuGyalB4zXdo_Tgrre--9uBJZbaNyuuR-gL3H96Ttsv1SHyhEBlbpuUQI16sW-R8XCHO2dpK3dycmFLpPHMBeBQbActUkdxl9IvL8oiS33dHqynmNs-FgHGIkrL4XWymfIuJpWPxI7hazj9YVVF-iLKm3KIt_thycScwIjEMaYk1oPJVVFC7v_915ydapVyOwT8RReIJnH3Othlexw0AOBDnykcVuFZmoMHWvYDj3qfYJ45JVFELvP6rAgedspMfRrReslgGoAVeYV3LRat53HTRGFnaSVW7eQ0KRCYBHq4CTQr0AWOrNJiXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&sid=AlPgIMsEEeOpQ1Bu&oz_sc=98e1d01f29d32e95859b5e02&oz_df=1698198528699&oz_l=502&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/ Frame B74C 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIP0REeNcA6SO/postback?to=3&gt=ch&pp=2518831497914294538&pv=94ad508b-1209-47c5-a0bb-e1a453030789&si=2331256393946538634&bt=programmatic&ci=518423&ti=3391854064309576353&de=2&di=folkd.com&md=1&dm=728x90&pi=3391854064309576353&dt=5184231558719353398000&sr=yieldmo.com&sid=AlPgIP0REeNcA6SO&oz_sc=d608f14b84549cbdcba9091e&oz_df=1698198528792&oz_l=588&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/ Frame A219 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.tas.yieldmo.com/2/2.109.0/518423/AlPgIMsEEeOpQ1Bu/postback?sr=yieldmo.com&bt=programmatic&md=1&si=2331256393946538634&pi=3391854064443794120&dt=5184231558719353398000&pv=a30c4d1a-dd8d-4d01-baa7-af9f2b1b23e2&to=3&de=2&ci=518423&di=folkd.com&pp=2518831497914294538&ti=3391854064443794120&dm=728x90&gt=ch&sid=AlPgIMsEEeOpQ1Bu&oz_sc=98e1d01f29d32e95859b5e02&oz_df=1698198529208&oz_l=87&cv=3
Requested by
Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.109.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.217.32.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-32-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 01:48:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 25 Oct 2023 01:48:50 GMT
x-amzn-RequestId
e90fc058-67f0-91c0-b4bd-b61a6c302da3
/
kinesis.us-east-1.amazonaws.com/ Frame 79E1 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-144.compute-1.amazonaws.com
Software
/
Resource Hash
9a3a42e12a7b15a9231038bdde6838bcb85fd0e38e1a246eb1f00c5ad0fcdcc8

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231025/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5c43650ca5cc7dd384046755d0dc7bc6e902b7ad83ce128e2959bbdf540650df
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
47cc4bfc3828a729d198aae30ef7739d79b28a3f3d45a76dbbbf8b31edc07937
Cache-Control
no-cache
Referer
https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231025T014850Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Wed, 25 Oct 2023 01:48:50 GMT
x-amzn-RequestId
ec2f9272-303f-c0eb-b19d-e4303bff7c88
Content-Length
133
x-amz-id-2
xyvKxYH6XiG9LFIOKweZj2JeunT6911ckBvPjecVLSDAXtYEcSNKFubPPxygp4SjM6YBjj3bnNRhdVhVXNHqJ7YgTc20cpEq
Content-Type
application/x-amz-json-1.1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEEohMprUre-wqvBEX6AbCgI&google_cver=1&google_push=AXcoOmTluz9BE4dJSV4wLDnurAFc-Es6XYL0mbNb_EnHlawcPGwyhnjBoE-WFmNlagCFI9bjiAaOZa8uE8r3lBZujujLgHHNVxUahg
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEEohMprUre-wqvBEX6AbCgI&google_cver=1&google_push=AXcoOmTCd7fT0c4kFi1wIYqnrIENygLCt3arEsG3raua6rVJK5nR-PGto1ASmPDvErXXPtcIiEQKUijQMzfLLjtRmO8GjmdP6imESQ
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFloep9Vvi9SqFC7BknLn-M&google_cver=1&google_push=AXcoOmRAn0R_uc9zGL_1Np2zdRtqgx1V37XkFVyRhfeYR3oJMgJ1NiO3_ZvQe44Sjzszrz_GgIXrkB6z7JwZ4PXYr5MhlS8Lc0k
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1698198517383
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDQ2QUE2REMtQkM5Qy00NzQ5LTgyN0QtNkRGQjIzQkQ4RUI1&gdpr=-1&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3ex3sxxffNxmw4boak_D&redir=true
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3ex3sxxffNxmw4boak_D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M2V4M3N4eGZmTnhtdzRib2FrX0Q=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3ex3sxxffNxmw4boak_D
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3ex3sxxffNxmw4boak_D
Domain
bttrack.com
URL
https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieSyncYieldMo
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=21
Domain
yieldmo-match.dotomi.com
URL
https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=yieldmo
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/26980?limit=0&id=3ex3sxxffNxmw4boak_D
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=1283
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=yieldmo
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/397286.gif?partner_uid=3ex3sxxffNxmw4boak_D
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3ex3sxxffNxmw4boak_D
Domain
xsync.iqzone.com
URL
https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/mo
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M2V4M3N4eGZmTnhtdzRib2FrX0Q=

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 undefined| coalias_debug undefined| e undefined| t undefined| r undefined| o undefined| a undefined| n object| script string| target_url_hostname string| REQUEST_HOSTNAME_ORIGINAL string| route_jwt function| xhr_coalias_open string| basePath function| addBasePathToRelativeUrls string| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name function| $ function| jQuery string| bubble_bundle_name object| Base64 object| BrowserDetect object| safe_require function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| setImmediate function| clearImmediate function| kill_notifier_socket function| restore_notifier_socket object| client_db number| server_time_offset function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb object| element_performance_counts object| testing function| authenticate_as object| document_ready_key function| display_page function| switch_page function| Lib_post_load object| preloaded object| _bubble_watcher_cache number| bubble_version object| __code__ object| optional_modules object| plugins object| bubble_run_derived object| app object| b object| d function| Picker object| translation_data object| language_data string| application_language function| Lib function| everything_ready function| wait_for_everything object| iziToast function| XanoBaseStorage function| XanoClient function| XanoCookieStorage function| XanoLocalStorage function| XanoObjectStorage function| XanoSessionStorage object| $MMT function| gtag object| dataLayer object| webpackChunkStripeJSouter function| noop function| Stripe function| clarity function| bubble_fn_nav function| bubble_fn_cookieSet boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded function| moment function| xDomainCookie object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| recaptcha object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| confiant object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| closure_lm_217625 object| GoogleGcLKhOms object| google_image_requests

100 Cookies

Domain/Path Name / Value
folkd.com/ Name: folkd0612_live_u2main
Value: 1698198505949x358372636270191100
folkd.com/ Name: folkd0612_live_u2main.sig
Value: M0xh7uLplrPiD37PgZCa93f5dmo
folkd.com/ Name: folkd0612_u1main
Value: 1698198505938x470410982269921860
www.clarity.ms/ Name: CLID
Value: 45dc476302fd44bbb2f197fd154a2482.20231025.20241024
.folkd.com/ Name: _ga
Value: GA1.1.153657198.1698198509
.folkd.com/ Name: _clck
Value: 5wb1xr|2|fg5|0|1393
folkd.com/ Name: session
Value: aa84aae1-d644-47c4-8bef-3f89ece507b2
.folkd.com/ Name: _clsk
Value: wiwnki|1698198509629|1|1|s.clarity.ms/collect
.folkd.com/ Name: __gads
Value: ID=2c25cfe2cfb1705a:T=1698198509:RT=1698198509:S=ALNI_MYg6ElK7xULkAltRm0i6Gw2-F1oJQ
.folkd.com/ Name: __gpi
Value: UID=00000ca1dd1eeda5:T=1698198509:RT=1698198509:S=ALNI_MactXszduYmmAypNDozhxTysadpMw
m.stripe.com/ Name: m
Value: 462e5c54-f175-4893-b1a4-c3f58c73521f3306e3
.folkd.com/ Name: __stripe_mid
Value: 2f235cec-c967-41b4-bd3f-1101bf0988abd6eca4
.folkd.com/ Name: __stripe_sid
Value: 6f3a7060-9ea0-47c7-8b4d-ae3efb7fb2f6e59437
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8b373c0464f9e117f812dc76942c6fab
.doubleclick.net/ Name: IDE
Value: AHWqTUnkFDpkMlazt9AkIRTHE5M_pD0Wr60DqWs-E_1FG-8DrnIqVqHHzJJYpL66QCc
.openx.net/ Name: i
Value: 717c699c-1370-0242-0059-f8db81790fce|1698198511
.openx.net/ Name: pd
Value: v2|1698198511|n0vNvQiygu
.criteo.com/ Name: uid
Value: fa3b4081-f803-4359-9f65-8c4afeecd45e
.folkd.com/ Name: _cc_id
Value: 8b373c0464f9e117f812dc76942c6fab
.folkd.com/ Name: panoramaId_expiry
Value: 1698803310936
.folkd.com/ Name: panoramaId
Value: 8b001ebb8935a8e79dc3c47d352f4945a702927e83e123cf3f482ab14747c6df
.folkd.com/ Name: panoramaIdType
Value: panoIndiv
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8508965629740719938
.amazon-adsystem.com/ Name: ad-id
Value: AzRc6OWtok6UpIlpyncoBlM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.folkd.com/ Name: _ga_7BR5TDFFPC
Value: GS1.1.1698198508.1.0.1698198514.0.0.0
.yieldmo.com/ Name: yieldmo_id
Value: 3ex3sxxffNxmw4boak_D%7C1698192000000%7C0
.folkd.com/ Name: cto_bundle
Value: od9YjV9zJTJGbURZcFRKNFp6S3RwUUt1dUFMd1pDdWRTSSUyQjlNWUttZm92cmptOHJtYnVESkpkRmNZSGJETU1zMTlzcWZDTTdTYjRTWlZ3WmQyU2xxekY5dWRMWTljaiUyQlpVMmYlMkZPdlAlMkZmZk9PeEdmUjM1OUlpU1RJZDg2eXZHdXdzT3FRJTJCdWlDSDUlMkJMQ1RacnRJQXFiVUpWZjRldyUzRCUzRA
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1180144%7Cbsw%3D1180144%7Cadfm%3D1180144%7Cgoogle_supply%3D1180144%7Ciqzone%3D1180144%7Ctapad%3D1180144%7Cyahoo_supply%3D1180144%7Cmf%3D1180144%7Cbeeswax%3D1180144%7Cneustar%3D1180144%7Caa%3D1180144%7Cb%3D1180144%7Cc%3D1180144%7Ccriteo%3D1180144%7Cloopme%3D1180144%7Ceps%3D1180144%7Cstk%3D1180144%7Cdv360%3D1180144%7Ceq%3D1180144%7Can%3D1180144%7Crc%3D1180144%7Cunl%3D1180144%7Cmnt%3D1180144%7Cliveramp%3D1180144%7Ct%3D1180144%7Cadtrt%3D1180144%7Cbluekai%3D1180144%7Camazon_supply%3D1180144%7Cz%3D1180144%7Cpub%3D1180144%7Copenx%3D1180144
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CC2086E0-1EB5-4BBF-252E-8E5996244867%22%7D
.de17a.com/ Name: guid
Value: 1.4804148416116766434
.teads.tv/ Name: tt_viewer
Value: 2340ba97-9b32-43de-979e-b19436dbe008
.adfarm1.adition.com/ Name: UserID1
Value: 7293707088339073170
.csync.loopme.me/ Name: viewer_token
Value: b011d054-9189-4a11-8935-5c09b31893d8
.adnxs.com/ Name: uuid2
Value: 3192963034780596998
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CC2086E0-1EB5-4BBF-252E-8E5996244867%22%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: db32d0a6-c8ce-4591-a298-84ec749d1610.467412516
.ctnsnet.com/ Name: cid_ebda0c9156a74462999b30762536c618
Value: 1
.ctnsnet.com/ Name: gid_CAESEF6q_Ja_QBmPxZyasIl4ZBU
Value: 1
.adx.opera.com/ Name: UID
Value: OPUc85793528c914c6394d1877e773d1824
.uuidksinc.net/ Name: jcsuuid
Value: muWgAaBjDKHoDtPBKa1l
.onetag-sys.com/ Name: OTP
Value: OYvts7FoqW9n6qNrhcRi_ayVzxN1Bn7mXijWMI8Ypco
.casalemedia.com/ Name: CMID
Value: ZThz9HlfJ6x8HxbKVTp4.gAA
.casalemedia.com/ Name: CMPS
Value: 2141
.casalemedia.com/ Name: CMPRO
Value: 2141
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZThz9AAaWscz2wBY
.3lift.com/ Name: tluid
Value: 2440010424102306346113
sync.gonet-ads.com/ Name: chk
Value: 1
.simpli.fi/ Name: suid
Value: 410E59942BE04379971BBAF54A976A90
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.bidswitch.net/ Name: c
Value: 1698198516
.bidswitch.net/ Name: tuuid_lu
Value: 1698198516
.bidswitch.net/ Name: tuuid
Value: ad1b691f-8769-45e3-b392-23cf3fe70cac
.360yield.com/ Name: tuuid_lu
Value: 1698198516
.360yield.com/ Name: tuuid
Value: bb113c82-4ec0-475b-ad24-9a77db5eef19
.blismedia.com/ Name: b
Value: 653873F4D6FAF6B62A0086F7BLIS
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwNjExNzawtDQxNjI0M7EwNRDiM9R1ciw0LyrJzTDNcasAAIbLsEslAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwNjExNzawtDQxNjI0M7EwNRDiM9R1ciw0LyrJzTDNcasAAIbLsEslAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129Uyr1DUzt9SNCC4y8XYxMDc2Ti91jQziNTSztDC0tDA1NDOxMHzFiMoHAA8fHoc9AAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129Uyr1DUzt9SNCC4y8XYxMDc2Ti91jQQAn6BqQh4AAAA
.gonet-ads.com/ Name: pid
Value: NDZmOTI1NDMzMjU2Yzg0NQ
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 446AA6DC-BC9C-4749-827D-6DFB23BD8EB5
.w55c.net/ Name: wfivefivec
Value: Ll9a32bs1QVt0E5
.smaato.net/ Name: SCM
Value: 6bc6639e1e
.smaato.net/ Name: SCMv
Value: 6bc6639e1e
.w55c.net/ Name: matchgoogle
Value: 5
.fksnk.com/ Name: g_001
Value: 1
fksnk.com/ Name: AWSALBCORS
Value: f4S9oFrRIRgVRj0w0tyfl7RaVFhzibXr5DH+QZxaVgfmX5bXgZbG2Kq6luNJBIt9LYZB3dsAUC4TQEmLWzZQY2Ujaab7Q7RZ/ApQGQPN1wdCUwYbMIpnBj6Cmdaz
.fksnk.com/ Name: f_001
Value: 4054D14C4E5B78C3
.dotomi.com/ Name: DotomiTest
Value: 6215ea709a10166b
.yandex.ru/ Name: yuidss
Value: 3625003631698198516
.yandex.ru/ Name: yandexuid
Value: 3625003631698198516
.quantserve.com/ Name: d
Value: EBABCQGiKoEA
.quantserve.com/ Name: mc
Value: 653873f4-bd817-15ef9-6c4f0
.creative-serving.com/ Name: tuuid
Value: 3dd40ffd-c734-4b5a-b0d8-557dfdbec814
.creative-serving.com/ Name: c
Value: 1698198516
.creative-serving.com/ Name: tuuid_lu
Value: 1698198517
.socdm.com/ Name: SOC
Value: ZThz9MCo8XgAALaXzgAAAAAA
.tribalfusion.com/ Name: ANON_ID
Value: aYnt6ZayKalHobWm8ZaCyPsjnmtvaZdeCQLk2oxp8QEUflGMZa57VnSVuH4d12mVyT4E9MZblmWFVfe4RBoMrMZafq6AZaQc9vY
.zemanta.com/ Name: zuid
Value: cz60YTG3B53bz5R2I9_a
.pubmatic.com/ Name: SyncRTB3
Value: 1699401600%3A220
.pubmatic.com/ Name: pi
Value: 160648:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.lkqd.net/ Name: sr109
Value: 1|6bc6639e1e|1698198517
.lkqd.net/ Name: lkqdid
Value: 7DsDYq_MZo8
.lkqd.net/ Name: lkqdidts
Value: 1698198517
.tremorhub.com/ Name: tvid
Value: dc9093145f0640e49c2be2b7b1da0c90
.tremorhub.com/ Name: tv_UIDF
Value: CAESEHFLsC_1suctXpQfyeIxcOQ
.tremorhub.com/ Name: tvssa
Value: 1698198517440
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1db58e72-1985-4a69-b8d8-c9aa0daf1780-003%22%2C%22zdxidn%22%3A%222069.28%22%2C%22nxtrdr%22%3Afalse%7D
.scorecardresearch.com/ Name: UID
Value: 18Fa34214c73ff3ddea79ba1698198518
.bing.com/ Name: MUID
Value: 0573BD532185617B1FD2AEE620F56084
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0573BD532185617B1FD2AEE620F56084
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0573BD532185617B1FD2AEE620F56084
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

10 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript error URL: https://folkd.com/
Message:
Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp' from origin 'https://folkd.com' has been blocked by CORS policy: Request header field x-coalias-route is not allowed by Access-Control-Allow-Headers in preflight response.
network error URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEEohMprUre-wqvBEX6AbCgI&google_cver=1&google_push=AXcoOmTluz9BE4dJSV4wLDnurAFc-Es6XYL0mbNb_EnHlawcPGwyhnjBoE-WFmNlagCFI9bjiAaOZa8uE8r3lBZujujLgHHNVxUahg
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEEohMprUre-wqvBEX6AbCgI&google_cver=1&google_push=AXcoOmTCd7fT0c4kFi1wIYqnrIENygLCt3arEsG3raua6rVJK5nR-PGto1ASmPDvErXXPtcIiEQKUijQMzfLLjtRmO8GjmdP6imESQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFloep9Vvi9SqFC7BknLn-M&google_cver=1&google_push=AXcoOmRAn0R_uc9zGL_1Np2zdRtqgx1V37XkFVyRhfeYR3oJMgJ1NiO3_ZvQe44Sjzszrz_GgIXrkB6z7JwZ4PXYr5MhlS8Lc0k
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
worker error URL: blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/4fd69777-4ada-48e9-aab3-c80d5e98fc9f
Message:
Mixed Content: The page at 'blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/4fd69777-4ada-48e9-aab3-c80d5e98fc9f' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/4fd69777-4ada-48e9-aab3-c80d5e98fc9f
Message:
Mixed Content: The page at 'blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/4fd69777-4ada-48e9-aab3-c80d5e98fc9f' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/59a74ff1-197a-4b2b-82f1-8813b9f6592a
Message:
Mixed Content: The page at 'blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/59a74ff1-197a-4b2b-82f1-8813b9f6592a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/59a74ff1-197a-4b2b-82f1-8813b9f6592a
Message:
Mixed Content: The page at 'blob:https://4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com/59a74ff1-197a-4b2b-82f1-8813b9f6592a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
4f092283226be61e0f4bbf90c47a2648.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.creative-serving.com
ads.travelaudience.com
ads.yieldmo.com
an.yandex.ru
analytics.pangle-ads.com
arafuru.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
benhvienhiemmuonsaigon.vn
bh.contextweb.com
bttrack.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.shopify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
coinwatchdaily.com
contextual.media.net
cs.admanmedia.com
cs.chocolateplatform.com
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
fksnk.com
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image6.pubmatic.com
imps.monu.delivery
invstatic101.creativecdn.com
js.stripe.com
kinesis.us-east-1.amazonaws.com
m.stripe.com
m.stripe.network
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
meta.cdn.bubble.io
monu.delivery
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
protected-by.clarium.io
q.stripe.com
region1.google-analytics.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.clarity.ms
s.tribalfusion.com
s.update.tas.yieldmo.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.yieldmo.com
storage.googleapis.com
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.1rx.io
sync.gonet-ads.com
sync.inmobi.com
sync.srv.stackadapt.com
sync.teads.tv
t.adx.opera.com
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widgets.outbrain.com
www.clarity.ms
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jeebr.net
www.telljane.co.uk
www.transdairy.net
x.bidswitch.net
xeqe-t3lw-i7hv.n7.xano.io
xsync.iqzone.com
yieldmo-match.dotomi.com
aa.agkn.com
aax-eu.amazon-adsystem.com
b1sync.zemanta.com
bh.contextweb.com
bttrack.com
c1.adform.net
cm.g.doubleclick.net
contextual.media.net
cs.admanmedia.com
cs.chocolateplatform.com
csync.loopme.me
dis.criteo.com
ib.adnxs.com
idsync.rlcdn.com
match.adsrvr.org
match.prod.bidr.io
oajs.openx.net
pixel-eu.rubiconproject.com
pixel.tapad.com
rtb.adentifi.com
rtb.mfadsrvr.com
ssbsync.smartadserver.com
stags.bluekai.com
sync-dmp.aura-dsp.com
sync.1rx.io
sync.srv.stackadapt.com
u.openx.net
ups.analytics.yahoo.com
x.bidswitch.net
xsync.iqzone.com
yieldmo-match.dotomi.com
103.124.95.152
104.16.137.79
104.16.203.66
104.16.89.20
104.17.25.14
104.18.25.173
104.18.27.193
104.18.43.90
124.146.153.170
13.107.213.44
13.32.27.65
134.122.57.34
141.95.33.111
142.250.185.129
142.250.185.170
142.250.185.251
142.250.186.162
142.250.186.34
142.250.186.66
142.250.74.194
151.101.194.49
16.16.243.247
172.217.16.131
172.217.16.132
172.217.16.193
172.217.18.3
172.217.18.6
172.217.18.8
172.67.38.106
172.96.191.154
174.137.133.49
178.250.1.11
178.250.1.3
178.250.1.9
18.193.218.77
18.245.60.65
18.245.60.76
18.66.122.57
18.66.127.127
185.3.92.76
185.64.190.78
188.42.105.220
193.0.160.130
2.16.238.13
2.16.97.41
20.127.253.7
204.236.233.227
204.79.197.200
213.155.156.169
213.180.193.90
213.227.153.224
216.239.34.36
23.227.60.200
23.32.185.60
23.96.124.68
3.120.0.219
3.121.249.83
3.210.170.5
3.33.220.150
3.71.157.32
3.91.171.144
31.220.27.135
34.102.146.192
34.120.107.143
34.91.62.186
34.96.105.8
34.96.70.87
34.98.64.218
35.186.193.173
35.186.236.140
35.190.0.66
35.190.39.111
35.193.186.65
35.214.134.79
35.214.83.179
35.227.252.103
37.157.6.243
37.252.172.123
44.241.50.239
46.252.152.44
51.89.9.253
52.19.192.213
52.45.175.185
52.95.126.160
54.187.159.182
54.217.32.83
54.77.169.39
63.215.202.137
63.35.103.141
64.202.112.95
65.9.66.68
68.219.88.97
69.173.144.139
69.20.43.192
76.223.111.18
76.76.21.21
82.145.213.8
85.114.159.93
91.205.230.81
91.228.74.208
92.204.221.13
99.86.4.50
99.86.4.9
05d248171ae2c427f92f61b33e0807058ffe8a763fba0875d1bb881fb7a421b0
07e66ceca7319d41bdc8a788e67305b42a844ed1af583709af038c5bd183a404
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0814ceb83311ca54fa848a9a31915d46a05013536d38aa50abebb7cf223edf57
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
0a328b53b11be3e3bf3a90c2eddb341e440eef9e0bd6f09d0d6fbf165332e8ad
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1203f1006eb45335b4586cb02cca3d2820792f69b88048533ffe66ecb4f38b
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
0dba9cd28464bb07ae35f8956a4ee75dc22d747dfa50d61a9bc47792643217c8
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
0fd8a7f6f01df027031e5aae6e36581fcd90071906aedaa8cc6e8532b6ce2c95
1071f618f391c136dbe3225843c3b40d05ae69332a94f77361bed39ab840a461
1159098ab08ea234071b485699bc1c2df66dc964ae3224b5bdbbdf8e8c6dfe4e
14e415ea24da39d045052320220a5e5c97dda2524584c945eb0ce0a9dcd9300f
14fdb30698fe1edfbb87904d8edcda380e8ebd520ac5725c2e9673b4d668c680
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
15f8609f42e7b1a21e305a4b8ec18e4d5608910b1bcc84d8c9580947125559c9
1724e60e561a0235231a5ab5c858205ea4a27f2703ba4dbbb0b38d97ad716e75
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
1a69509b56f1b16e1d95b8605f55dd6876c3550c16ecb0735a456c9446343032
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c3255c44b60ed600928d2a9c0fa10d94e71ac0c8fd6cc31a81c5f71ba33bd63
1c7d4575ee993d34beb5fda5181df3fcdb8530f3c18690026ec7440d68bf039e
1e0f15760bf8ebc0da73169538143d01cf3387284caa546a17643d94d2a9ad91
1eb81f9db9a3a50b0fdaa21827fec28e2e56a5c0500ab8d1942d08f5468b4888
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
204f6c36a5324e12364e7dafd2f83c8b69e965fae6abb0bb7ce762ba3b272ad8
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
243880bb2158cf1464c853745ed71f165f741dec56ffa6945e62909097669283
2496005d1b2e22357da40b67d30c56dea5dff19ce85fcf0cd247202ac4ecc67c
2718a53d945896675c41314021253817cb49abf3d3e3a0c23ca2ac0fd0497c25
2947177724ae451aa2f9a09f6a5ee6152f2e79ed01922cb8fcd89a06a0218603
29d242f1425b4b19b47dca4d80bb0aa3556d98f4650680329bb5e3fac4bbcb3a
2a7793d8d477731e8a7b88e9f43844c9b6c973a3855b1169a6ac4021476dee13
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b19bcc502e15622d5acfc4a7ef5782d3b6006fa3a142caa2da270d859ff43e2
2bd61072fddb7d64c22fa244070964af040c1ea3262f22f1594a182664e915c6
2cf37e75b57055c4955874cd50aa5d16b2ed00df71866cc340fdfa4f542e2dd1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d1cb3f75b762bb8be443ee6f9cd1a74e8930add7650d459144488263371ff0b
2efa8cfc2ff0ceeccc2b3e613651fb892e1d1a4dc4e1d0b60d05cafbb4df384e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
335480e92d7743f5fe7da236a30eeb2df9248640a0773c7f8dcbb30efbbeb00d
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
370f167a76cf49dda2a089846821ee5b544ccf71aab760c5ea6dcd482f2f618e
3747cff682b191f3497de08896cc8ed493900ec19b8726faebdafcb85d0dce9c
378fba0d0f074b8b519180a1968a7ba8d64cd337fc401c9e0e2664779f39e5ca
37cf0462ef2d7c99e83bd364a6e53a3cab43b2a0edb61f2ade221246d99e1d7d
38097452bf5459379f94e4db1380d440416f6a1a41aa99c59455943b851ff892
3946966eaef86468160c9c58bde2462eb611e800234c28e1a7996ab11dd9d023
3b07e150d00c5c8dd931c22db701a9332bc4c4655e2583df055d6068f597fdaf
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b8f770b10663c0e0547f3e5054a7e63da8b437323bb58afcbfdc57320b1b1b0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
3fc909bdf81fe43f0893d0296d6107929c7f6edf3fd7be8eb70a8627e67c1821
409023ff3f1cc62a18abaf0abedcecc242604bff65f147a61f069febb5f35418
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4802186f6cb20846f699483e25a99a51ba958a3b00ec07f124c46a94800b3e4b
485a9b3f05ae44a506e9fc8227a147bc675d7ba129f23a84cac562c58cb3f569
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4a7cd00c42daf7ae543ef7b9f149066d8fd6c063fc962aa8e1b7f2c50efbc9f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5023186c37628cfa31837ac7a5ead838030bb824a57189c0e6695e40998782f5
5071704af567c2640c2ec53809f1c60170307cfeba44916afa02e97d57d7636c
5425256ecfb9d69942d027953b9ecd8d497c865f4b8266c2f8ee115caa0d215e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c7369b4ef6b898387f4147324f61b74e0fa810710a92867c7476eae0fb5ae0
565c259cb4f50eb907737b30c1534923c883f2b8cd0d848fb74b4fa0f0f62db6
5788725a96f977266c27037a0e3562a0a2f94a33b0d2986b086cd70b811bfcd1
5890ed246ecb4bbdb9e708292f435eadedffbeb0823a33e9032b32ddbb36610c
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
6008052054e15dc67d84e8697abf2dfe062986b58f3b1462b3ab6afa66a2aa38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
635c502e2abd16835c7e8633c4644161e8b7f2fb670c3c3b84228e4129d7be72
63d1137a8a5b1862bee35e1318311de2cbdbc04b0a35b4a9ff08b94b1a8e11ec
64a5d79297234d8f9241fde2aa2b31a984ed18ff8e151da410800291cb43d3f3
670923a9ed3815341743c2981b520f42591be0994cffc385af44b81a95f02b0f
67690ee898230cf1027f288a7573dddd6d1b7826bae35af735ed8c74f398ef96
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a43b79bce3a24aaed996e86591feb28c6ec3fded2c40b64020895ac6bed4ca1
6b99c4d2e434cf3098e15685a9e4dcbbdd7afc7cb97f3898f9b3cfc944ed2e5a
6bbc6a34ad99493119df9fc75ef4855231bb74fffa4148445d40e55026a2680a
6c02e041d0d65891b7da44b0ba5b60f30e7431f424efcbe3d942e46554695ac1
6c372e198244c361274102f5a6aa022f974d799997010c486a5bc4e5ff720ac9
6ceaccfb40a9865c2a2ff446a88a997d661399ec4ed77c3db9e373949b956854
6df4a58cc87985ad457246b8a064cf1797f98ef33ff0aaab82e67c8f7c4ee90b
6f711c915fd97457830f6e42246d024e9e5daa1133d8ff94b8cb0be13551bbd9
7019ace50c2413eee6884092a332fbb881a825154a6fa115af9ab079bb8d08ad
7050a42fad87ea064b9255be621f2724733e34974eb8628b4452889173910fd3
71ce6e0425f76fb0febb3f5676a53d94c623f9c1241eb3a66e4418868c7e3c81
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73e8ed3b475d329e634beba729217d431b45ea9d35d44d5d675195135caab4c7
73eaf94360cbddbd2b9f3b52dc297f39044e63f1e696418b3f5431876a90585b
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
74c6283dff31d9e0e771e73e9e1a629597850b3d302a525bc8ce26f9147a78be
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
78156e0464b564d8530351570cf430523f82372a306f39d25fcb49c6cc96fd0e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
8351a14005ddedbd12c2f4871a656945ae0d7bdf13ca20e02621c59e3ce47ca6
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
8660f6f9b6cb7b5ab96ba7f7bb5ea4f4237b2e1828229dd09e7a4242f8a49076
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8cc9859dcc936d0602fda9f8ecd54792556314b99bdeb8cb4a9111229c8386a8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0d223c5ec1242f5eb93780e156e69dff0ec1964a99360ac6c9848fe42f65f6
8eaf27f165f42f6d013c02fb5cdb1990370ee4d372fb1a55d7d428202d63e949
8ed42953f93b93830f03629f791b368704142602e6ae5101dfd3ef6ae4a80455
8eea65a1264a39e7878f3922351e5c069c28ada5e1092f54f183a74f2470ea1b
8ff77c383aae101d2445f3e8098d86f9b495f0483c41c29a02279afb092f5b74
90dbc6e10b603305f9f190f42ea0a28a70a772ecaf312810eacb503b71bcc715
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
923103be5e49e9b00b94c166b7f47756f5d7cbda53b4a20858ba51615f7c2e25
9427930f7ded98876f7ac148f5dbda8d9c9fac56362e0fefa6a556b7e707aa01
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
96c48fb896f06af2b61faf9b6945f9f80e0c20eb29f5b154e425aeb69ae48a90
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fb0cff846ea41bf8485f9f68e0ef05415d71831f9ccadeaf77138518b2cbb1
9a3a42e12a7b15a9231038bdde6838bcb85fd0e38e1a246eb1f00c5ad0fcdcc8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
9b18e28c07981dd70640199c817dfc625d0ccc220fa30d9c0378150ded81c205
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c3e617505f8bcbeb5e57313fddd9e3f848670a93b06a15bc57b1d658b2b4800
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12bac90dbe527d63e36172160211c2160f368d52fd40c4128b04212f18dd60b
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a2ebcd5e946b2a6bf29e6e7989d13d66a5b11b35e3da57f152d6c09923b9f0c8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5884800b68d88edf5b6f1fb31039142c6484dae9e54f830598f9388d5d991d2
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
ad3f44a2ce5fea185b1678c33fb822099d7bb0f7d4b27d834950e686eff041dd
ae23551ecbaf86a43df28d81ae7381c6871af66e5d9f5e53099a27b46e3b750f
ae97179af3e99851418e85874ce2660a409b526b13ca6cbd4ecfde52dfe7fd6c
afc7ace230b69ce2d0c60f8d2fe4549578d4dfe00014a29f409090f1945d5ae2
b004cda7bb6da30811d9b7e7882d63e2b504dd30acc6d8b1ef5a4d096d51aa1a
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b155028720badafed621265a9c063642f6562c986c451a09165545b25f356449
b20fdf1b59252aa511fc6e477da58b44e8404c15da12bf5dd921c6fa192d5c89
b2d445277dd1387d01bb1d989944965d1b7c8f8ef70d55a5f3e20df428657f12
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b6ec7b998324bc41dbd7b3610f9cb6c649b0db416a9f1b567a7136d440478428
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
b9501c23317d084c5acbb22adaa0038a50700a68089e286fb9ad82c2f741aa22
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bf028a955867939ff11d3d9684c473cc6fda2079b931bc9c5ec099fbb580a37d
bfe404682b19590a4290403c9c3425e9808c1dcb72d950305c61325255210405
c1ad25ca9ffbef941780a3a94338ac4ab517a727ffed664d23ca811707225957
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c6fea9ae5d0f7f62ee3066f24f1e70d25c34d3dd9314ba4040d133d249108991
c7fe80017eff9e90d25d48f5badf9efabf3c8fd6a7b0477a30ae77ee26f899a5
c86cde7425d6bc09ffe4d91251e93eabf61242c2e844ff629aa808b9f3b74a17
caf4cf1dfe95ab9703234baa422fa8df36214e44ca925267324dbe6edf2b1ad1
cc18a8df40e42c4bb73e54f94bc62e2baf9d551dcfdfaeb1fc8094cf3bd562f1
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
cf2e87476221a317258bbc4cc5df5f8f4cdf7c20e2a42750b312e708a64c60f0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d1f02c13c0de313a4cf40ee26180650e12fdc23add1abf4f5b4139bdfef165d1
d4fb8d30b806e653e96973369d47877d350c9e701d91cef0e21665284e6c0ffe
dcbd22a44fc4eed5160057d52c5ff180add4114f80c54091eb3d84366d49268f
ddcb7fa0c15b640dbbfc3bebba61aa02ef0b775d2e9451a1df71608a0ff8c3e9
df244944dab500cfcc558f52f4caf0cffa9dbf3a41e701b5fea6b9ba670524a2
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e29c5303aac2bb163ca8185428d9a1d79bc34ad72683007c44f93ea13345dfb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47216e546fc925876dc07ca8ab449bdb29a6bfc3b6631a3aef96eb1f1c922b7
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58a78c1f9012ec56ccb67b81cd9214a6d99d62411777fc6d23df8a652b4f4af
e641c6b75fa3b939b3976151fb30cdc12f4f07ac27873044e1ec2d7c5a04e459
e70d6bd23ef16460b6c4344c403b92f1e49bfa0906b63a5659eabb7b35343e76
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9746a2836a75c1e4ea3ffacaceb6b7d36b2bd25a7877d35b2bc57b0b575d68d
eb511f33a1caac5eb368c11e52216e48e19b6f940fc161dc76fb99a59abfe21d
ecede7abe8f2a4c2325dac0e6ca4b6940320b0ce7e6c435643f27cf799048290
ed6ce0b9a7d531ece20ea2899ab285c07a3f255b758cd2da750cd209eb505638
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01da9843465f6a375f20a3e291738fca896eee06fb2003c2c329007f0de594a
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f02803a7c7d1b3807ca7411d32a2929bae66bd3c906fde671160c1af9aea4351
f0ab0ea08142628aea334635db108bda769bbd27be3facbfd058f99ab1425bfa
f325934d414a5e7160a44e39cb94519ee59afd3c3059953382e294eb23f84e98
f4049e5d5da9cac7fd913510467e6145350dfaa0266dbfb1db1750edfe013757
f7bae8e2261afc29fcaca31883e796b6c07ea4241cf904c26667452c204f09ae
f8df696a7e49d7b1fa86b6dfb37f85ba92a3cd90329dfecb220e67449f779dd6
f9f17f69f000240d17bc1180cb69fe018ec19019b3889a2843f2242d959f7bf6
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fdfa81939cc26e5347ea4be77b50d6cfe1d914576a94c78188326f87441ba27c