www.folkd.com Open in urlscan Pro
2606:4700:3035::ac43:caae  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9279.zpDurK7CvebYyBbiNFtCZSBXocX2f-zytFVm8aSB2FUVHVjpTn8pBpcE-lDPsLPt.wbJzI-wst8F1zRTR62XYjMrihzk%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9279.FU4luOsKsv3rmQZ_ca2TerTm1BZ-CNEHOt38Z6Jftk0gwKtrSblSR6WqHzNMTpNEN16Lqy2EssTP8iXECwwTUg%2C%2C.a80tebWvxHhfhHbO2BD7bI-bfwI%2C

Request Chain 35

• https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
• https://nugmw.userreport.com/rc-ap/ddc4d747-bbe7-49e1-9f85-ea25d05ba7f0/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715

Request Chain 37

• https://bbnaut.ibillboard.com/match/AdScale?partneruid=b8bb236f0ca841f3a93de9ae8fa97b7a&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID HTTP 302
• https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=101&tpuid=BBID-01-02962260831865416-16292376

Request Chain 39

• https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=74246519e3c3a45c190abd1131dffbfc8e64af553ac9f51c28c436a70fddacbc&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg&s=183592&tpid=63&uid=74246519e3c3a45c190abd1131dffbfc8e64af553ac9f51c28c436a70fddacbc&C=1 HTTP 302
• https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YKZPk9YUOwE2FKKXtkiJsQAA%261192

Request Chain 40

• https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A269%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A231254377086%3Ahid%3A508854225%3Az%3A120%3Ai%3A20210520140123%3Aet%3A1621512083%3Ac%3A1%3Arn%3A283798415%3Au%3A1621512083609583574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621512082490%3Ads%3A1%2C18%2C138%2C1%2C0%2C0%2C%2C116%2C1%2C%2C%2C%2C276%3Adsn%3A1%2C18%2C137%2C1%2C0%2C0%2C%2C118%2C1%2C%2C%2C%2C276%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621512083%3At%3ADivyaYadav3%20%7C%20user%20details%20%7C%20folkd.com HTTP 302
• https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A269%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A231254377086%3Ahid%3A508854225%3Az%3A120%3Ai%3A20210520140123%3Aet%3A1621512083%3Ac%3A1%3Arn%3A283798415%3Au%3A1621512083609583574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621512082490%3Ads%3A1%2C18%2C138%2C1%2C0%2C0%2C%2C116%2C1%2C%2C%2C%2C276%3Adsn%3A1%2C18%2C137%2C1%2C0%2C0%2C%2C118%2C1%2C%2C%2C%2C276%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621512083%3At%3ADivyaYadav3%20%7C%20user%20details%20%7C%20folkd.com

Request Chain 41

• https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=dedfd360f2eb722ab6790f133f2b3ceb13cf571515368fce3157d4c275576516&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74

Request Chain 42

• https://track.adform.net/serving/cookie/match/?party=9&uid=0308219da88fa8bfed4b6a1985e50aea463aca2f916cdfe9c0102a815ba9c0bf&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=0308219da88fa8bfed4b6a1985e50aea463aca2f916cdfe9c0102a815ba9c0bf&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=42&tpuid=6782935533014223468

Request Chain 43

• https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=f5fbd919dfb5b64ed7ce4f1ab08988200a95b534a282946fc2323c827df92487&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa218aa1-8deb-45ae-85dd-9f85423de582

Request Chain 44

• https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=47592bc8e381f664848ad6cf3c4bcd6d8fb565181ee300ce1824050759afa100&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74

Request Chain 45

• https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg&google_tc= HTTP 302
• https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&tpuid=CAESENrFO0ajIXdilk-cvUbsOqE&google_cver=1

Request Chain 46

• https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d98db21e679e7dd6ed8477adc07c4ad88833cb62f027ce7abbd614788763b2b0&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fjs HTTP 302
• https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d98db21e679e7dd6ed8477adc07c4ad88833cb62f027ce7abbd614788763b2b0&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fjs&checkcookies=true HTTP 302
• https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/js?tpid=48&tpuid=82e1fa85a25baa441f8fa8429da9dd1c

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request DivyaYadav3 Show response www.folkd.com/user/	32 KB 7 KB	157ms 138ms	Document text/html	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b493b97c60dc2354d6bbfe15b65234b0e4ed53694633a24d4dcd5b5e7d5616b0 Request headers :method GET :authority www.folkd.com :scheme https :path /user/DivyaYadav3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-type text/html; charset=utf-8 set-cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 0a2b3fec4d00004e32ec180000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qsOwzzr1Hd5K4LERExsIKqOjQOrBSAXR331fZkliRlLRX%2FOdt63PTLeYrIbwzu1Fbg182D4qta%2FrHtmAebwrAdN0nyglK0zjcfodSMHGNNKwbVscu8j1FO0Y"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 652568f3aeb94e32-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3-29	200	folkd.css www.folkd.com/styles/	39 KB 9 KB	28ms 16ms	Stylesheet text/css	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/styles/folkd.css?v=1.20 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c Request headers :path /styles/folkd.css?v=1.20 pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 5207 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2b3fece900004a91b0a7e000000001 last-modified Mon, 25 Jan 2021 07:03:16 GMT server cloudflare etag W/"9d15-5b9b421dc4f0e-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2hN9nz3oYMeKAL6cGfVFGYKRTmuj%2Bw%2B0pQWitYl%2FsY10r2TkNrjPbQaYGIM0WCooZLPW8iA4on%2BRVFQCFzYI8adujThNA5g52M3cd%2BppcyYraB0bRYz2Z%2BaP"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 652568f4a9c34a91-FRA
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 646 B	16ms 16ms	Script text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2a299b3fc8f2cb4e4fa6093c4e79fbc3e0edaf08acbb3822c2a571bba0a37431 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 554 x-xss-protection 1; mode=block expires Thu, 20 May 2021 12:01:22 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	132 KB 47 KB	47ms 25ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47950 x-xss-protection 0 server cafe etag 4501822382306722350 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 20 May 2021 12:01:22 GMT
GET H3-29	200	logo.svg www.folkd.com/images/	2 KB 1 KB	35ms 32ms	Image image/svg+xml	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/logo.svg Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425 Request headers :path /images/logo.svg pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4604 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2b3fed0200004a91f42d2000000001 last-modified Sat, 09 Jan 2021 09:15:21 GMT server cloudflare etag W/"68a-5b8741cb69c40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZaJjWzNg1lSY5AKpbgF869yorqwae%2FEVcpqAD7fRHHbsxFEvOvupEP4E2F4NucvrFnJeFBBXmwOinpqDA4tm9MAEBkRfkw%2Bj%2BpJbpQfT1g%2FxfQOudQ1Vjtq"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 652568f4ca304a91-FRA
GET H3-29	200	offline.gif www.folkd.com/images/	910 B 1 KB	19ms 16ms	Image image/gif	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/offline.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5 Request headers :path /images/offline.gif pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6286 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 910 cf-request-id 0a2b3fed0200004a918a240000000001 last-modified Tue, 16 May 2017 07:09:28 GMT server cloudflare etag "38e-54f9eda3d113c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bmw9xEQZ8HHyfPxYy%2BGfaGY4EmvEfbkaBKLk3I%2F03lnQ1196blLdDveTm5zRtUSTGyBymosBDT6hddg1A6bXpCoif6%2BeW7oMqa%2Fit5%2FS37ZfVPH%2Bla65bJ1O"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 652568f4ca344a91-FRA
GET H3-29	200	userTkEJB1QNAg_big.png www.folkd.com/images/	5 KB 6 KB	42ms 40ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/userTkEJB1QNAg_big.png Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a66366579e71fc4e531b7fa729fdb112cfe010f49aa0319bd2354e6f314ca3bd Request headers :path /images/userTkEJB1QNAg_big.png pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wSfAqCNKnHyQ78GuKDtZkJVl5RXS3UFdm9HBnCjhTY6iPKPolEnkRL2ev71EYpl%2BQlPiMVIGcCDFrkZRsQ7vK6ZJO7XFwRpFrPH2Wvs61v0feun2qULdlqKu"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=86403600 accept-ranges bytes cf-ray 652568f4ca374a91-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5575 cf-request-id 0a2b3fed0200004a91e99e6000000001 expires Wed, 14 Feb 2024 13:01:22 +0100
GET H3-29	200	userTkEJB1QNAg.png www.folkd.com/images/	1 KB 2 KB	40ms 38ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/userTkEJB1QNAg.png Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3bd6857bcf99f61f3ccf3edaef94cee9e7855a1465b6268b0130d946a639bba Request headers :path /images/userTkEJB1QNAg.png pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wHej7ia7R7U3QVhKsAf7xMbExAP%2BiXhS5ILy%2Bh04P84P%2FUuJvIQ6qgziT%2BIdg%2FmbAzodi%2B4HPBtV%2Bza7rQn2nFLXgHjzxiY%2B2RrBgEQH0fvP99nE27bvfHS2"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=86403600 accept-ranges bytes cf-ray 652568f4ca394a91-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1301 cf-request-id 0a2b3fed0300004a91b1ace000000001 expires Wed, 14 Feb 2024 13:01:22 +0100
GET H3-29	200	div_x.gif www.folkd.com/images/	971 B 2 KB	16ms 14ms	Image image/gif	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/div_x.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486 Request headers :path /images/div_x.gif pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1622 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 971 cf-request-id 0a2b3fed0300004a918dae1000000001 last-modified Tue, 16 May 2017 07:09:28 GMT server cloudflare etag "3cb-54f9eda3a03ff" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5uYPrcJi69PHGl7Lni7WJyYGVirN6oQA0KCThMOehw0rEIcjpgsDJNXlGtjjHcWaol%2FvFInaRR3im3BxmpKAO%2F%2BN0D%2F4FsBHjKWZ%2BYlfebIpjAoVATBhhQ1p"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 652568f4ca3b4a91-FRA
GET H3-29	200	dot-tag.gif www.folkd.com/images/	989 B 2 KB	14ms 13ms	Image image/gif	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/dot-tag.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7 Request headers :path /images/dot-tag.gif pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4680 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 989 cf-request-id 0a2b3fed0300004a91a1300000000001 last-modified Tue, 16 May 2017 07:09:27 GMT server cloudflare etag "3dd-54f9eda35fcc3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NdUc4WXVLzSS4nntN8rIgAwJN%2B98oY1LUygX7FyGu%2Fu1nL8pju1D979QUN%2BkaSKtDNgAvG5tdLrnWpFSfBkLFas8J26z1upxULy2WpwoqwP82JWg6UY2%2BOoI"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 652568f4ca404a91-FRA
GET H/1.1	200 OK	getads.js Show response js.adscale.de/	25 KB 9 KB	26ms 7ms	Script application/javascript	23.37.42.216 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de/getads.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.42.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-42-216.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id A5mIVbl7UpSyvPgqy0D8BSAkmokhLjHd Content-Encoding gzip Last-Modified Wed, 19 May 2021 23:35:52 GMT Server AmazonS3 x-amz-request-id PRPBY17GQRSHVKYN ETag "50bb3a4af6413e0bf7a261465cbb90af" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=7200 Date Thu, 20 May 2021 12:01:22 GMT Connection keep-alive Accept-Ranges bytes Content-Length 8417 x-amz-id-2 yocf7j72cMxL2YxHZCl/e3HficxyeIBNaz6VSxv1vQAxx07DkCIBi6xQcJHuSn0uUNX8yZzOnyM=
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.4.2/	70 KB 25 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 12:42:45 GMT content-encoding gzip x-content-type-options nosniff age 170317 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24715 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 18 May 2022 12:42:45 GMT
GET H3-29	200	jquery.cookie.js Show response www.folkd.com/js/	4 KB 2 KB	18ms 15ms	Script text/html	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/js/jquery.cookie.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5 Request headers :path /js/jquery.cookie.js pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 5207 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Apug92C0wFR4kzwirJDU4gEApfReQ1lGTep6qInB5gRFzqL4%2BBQfEPBpCfpZBVaMehRuV5I7kAsTMuAWZ93qEXvXlBA3i8WWF7RTkRi9WW%2FrcN6jw%2BBQDqb"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 652568f4ca274a91-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2b3fed0300004a91b0a82000000001
GET H3-29	200	common.js Show response www.folkd.com/js/	12 KB 4 KB	41ms 39ms	Script text/javascript	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/js/common.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c Request headers :path /js/common.js pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 May 2021 12:01:22 GMT content-encoding br cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2lMqzxDMy%2BYO0ezyJ0FZECBi%2BOjuffBL3pu5GsFo3cgBfMfyMc2gNNW1jpETXY%2BRzPC%2BIWD7B6XuKW3zAQ4cVZK7kkKh6tcK6ERqf%2By8RBfAZ4coKUwxM9jL"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 652568f4ca2b4a91-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2b3fed0100004a91ad397000000001 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	page_userdetails.js Show response www.folkd.com/js/	483 B 745 B	26ms 23ms	Script text/html	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/js/page_userdetails.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8 Request headers :path /js/page_userdetails.js pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 1916 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cCKyR5HfQ9Lu%2FQ%2FrAUUMJdTg6ua23Eutmin0cTGlru4qIKAt5Cx9FXRJg82DKR%2FEf4hvYEDZER8HZmv4bK4H48J8Or8IKyKUz2ShRkzksb%2B2UYgkDbu284Pw"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 652568f4ca2e4a91-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a2b3fed0100004a91e8add000000001
GET H2	200	js Show response www.googletagmanager.com/gtag/	88 KB 35 KB	20ms 18ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-4499241-1 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3350e4666e655fd553b265f2284b62f9cbd916e171afe1c61253032a45d593f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35726 x-xss-protection 0 expires Thu, 20 May 2021 12:01:22 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/	335 KB 335 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.folkd.com Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 11:16:12 GMT x-content-type-options nosniff last-modified Tue, 11 May 2021 21:19:12 GMT server sffe age 2710 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343177 x-xss-protection 0 expires Fri, 20 May 2022 11:16:12 GMT
GET H3-29	200	folkd-sprite.png www.folkd.com/images/	121 KB 122 KB	17ms 16ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/folkd-sprite.png Requested by Host: www.folkd.com URL: https://www.folkd.com/styles/folkd.css?v=1.20 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738 Request headers :path /images/folkd-sprite.png pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/styles/folkd.css?v=1.20 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/styles/folkd.css?v=1.20 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1315 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 123879 cf-request-id 0a2b3fed0800004a91a5b4a000000001 last-modified Tue, 16 May 2017 07:09:28 GMT server cloudflare etag "1e3e7-54f9eda3e49bb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KW6fKnr3NqGsOAPtvxZ7G%2B6qtqgC4bTU9bCTMFlSj7nCqnkDtd%2BJOC0mrsCRwCVrTBBnClGoIGcOOwf697PVuRcrmt4BbrHxVy8AOynqoHggvnshoRztwAOh"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 652568f4ca454a91-FRA
GET H3-29	200	new_updates_bnr.png www.folkd.com/images/	11 KB 12 KB	19ms 19ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/new_updates_bnr.png?v=3 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5 Request headers :path /images/new_updates_bnr.png?v=3 pragma no-cache cookie PHPSESSID=jc6km9bdpri4u6cglbt4q4tc06 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/DivyaYadav3 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/DivyaYadav3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4604 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11344 cf-request-id 0a2b3fed0700004a91f726b000000001 last-modified Mon, 22 Feb 2021 14:37:04 GMT server cloudflare etag "2c50-5bbedbc478400" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fDERyKMQ2yQi93apvmzzzT2Xr39i9LVcvXanO3CzHIIBK9ayWgVKwkajH2GIkMT9giFMkyRgP%2BDx8mwePF%2FzI1HKcMWTBPR9QwyV0cjJOfzPQQ7NZZg%2Fk5az"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 652568f4ca484a91-FRA
GET H2	200	impr Show response gaa.adscale.de/	86 B 424 B	273ms 235ms	Script text/javascript	75.2.86.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gaa.adscale.de/impr?v=2&sid=YjY2ODA=&nu=0&t=1621512082761&ssl=1&pos=below&ws=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&uuid=1aed63ec-1f34-48dd-9571-6491862b1ce6 Requested by Host: js.adscale.de URL: https://js.adscale.de/getads.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.86.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a3436eee63857ff41.awsglobalaccelerator.com Software / Resource Hash 9c60ae4cd0f7a6ed73bccb6fc9581940f6c127955c0c2ff90bd74f17634b8255 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT cache-control no-cache p3p CP=NOI PSA OUR x-robots-tag none content-length 86 content-type text/javascript
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	215 KB 68 KB	156ms 49ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding br last-modified Tue, 18 May 2021 14:05:42 GMT etag "609e8948-11068" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 69736 expires Thu, 20 May 2021 13:01:22 GMT
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/	231 KB 85 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87252 x-xss-protection 0 server cafe etag 5322897297824761394 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 20 May 2021 12:01:22 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame B6D0	10 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210517/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.folkd.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 19 May 2021 22:33:52 GMT expires Wed, 02 Jun 2021 22:33:52 GMT content-type text/html; charset=UTF-8 etag 15349191498103243965 x-content-type-options nosniff content-encoding gzip server cafe content-length 4506 x-xss-protection 0 age 48450 cache-control public, max-age=1209600 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-4499241-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 1886 date Thu, 20 May 2021 11:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Thu, 20 May 2021 13:29:56 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2046907368&t=pageview&_s=1&dl=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&ul=en-us&de=UTF-8&dt=DivyaYadav3%20%7C%20user%20details%20%7C%20folkd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=912197190&gjid=792984774&cid=1692783086.1621512083&tid=UA-4499241-1&_gid=1783204755.1621512083&_r=1&gtm=2ou5c1&z=731545474 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 20 May 2021 12:01:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.folkd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 86 B	16ms 15ms	XHR text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4499241-1&cid=1692783086.1621512083&jid=912197190&gjid=792984774&_gid=1783204755.1621512083&_u=YEBAAUAAAAAAAC~&z=1381090710 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 20 May 2021 12:01:22 GMT content-type text/plain access-control-allow-origin https://www.folkd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	199 B 638 B	35ms 14ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.folkd.com&callback=_gfp_s_&client=ca-pub-3319618738478027 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 738c01dff917b1b0bb5963963c4900e46147306463eb813f417b52a8dc91a4e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 190 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 799 B	34ms 14ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.folkd.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	36ms 16ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.folkd.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3767	0 16 B	34ms 33ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1621512082&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512082834&bpp=3&bdt=184&idt=75&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8458912948690&frm=20&pv=2&ga_vid=1692783086.1621512083&ga_sid=1621512083&ga_hid=2046907368&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C182982100%2C31060839&oid=3&pvsid=1069755509922903&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1621512082&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621512082834&bpp=3&bdt=184&idt=75&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8458912948690&frm=20&pv=2&ga_vid=1692783086.1621512083&ga_sid=1621512083&ga_hid=2046907368&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C182982100%2C31060839&oid=3&pvsid=1069755509922903&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.folkd.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 20 May 2021 12:01:22 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	34ms 13ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:22 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621424113157718" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27995 x-xss-protection 0 expires Thu, 20 May 2021 12:01:22 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9279.zpDurK7CvebYyBbiNFtCZSBXocX2f-zytFVm8aSB2FUVHVjpTn8pBpcE-lDPsLPt.wbJzI-wst8F1zRTR62XYjMrihzk%2C https://mc.yandex.com/sync_cookie_image_decide?token=9279.FU4luOsKsv3rmQZ_ca2TerTm1BZ-CNEHOt38Z6Jftk0gwKtrSblSR6WqHzNMTpNEN16Lqy2EssTP8iXECwwTUg%2C%2C.a80tebWvxHhfhHbO2BD7bI-bfwI%2C	75 B 75 B	56ms 56ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9279.FU4luOsKsv3rmQZ_ca2TerTm1BZ-CNEHOt38Z6Jftk0gwKtrSblSR6WqHzNMTpNEN16Lqy2EssTP8iXECwwTUg%2C%2C.a80tebWvxHhfhHbO2BD7bI-bfwI%2C Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9279.FU4luOsKsv3rmQZ_ca2TerTm1BZ-CNEHOt38Z6Jftk0gwKtrSblSR6WqHzNMTpNEN16Lqy2EssTP8iXECwwTUg%2C%2C.a80tebWvxHhfhHbO2BD7bI-bfwI%2C date Thu, 20 May 2021 12:01:23 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 160 B	49ms 49ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT last-modified Tue, 18 May 2021 14:05:42 GMT etag "609e8948-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Thu, 20 May 2021 13:01:23 GMT
GET H/1.1	200 OK	userconnect.js Show response js.adscale.de//	14 KB 5 KB	7ms 7ms	Script application/javascript	23.37.42.216 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de//userconnect.js Requested by Host: js.adscale.de URL: https://js.adscale.de/getads.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.42.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-42-216.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id CUPSr8q.QV2oSyR2A.ML6bPH0Do36WHb Content-Encoding gzip Last-Modified Wed, 19 May 2021 23:35:53 GMT Server AmazonS3 x-amz-request-id 6M395EDGK8W4PQKF ETag "98f37b242862929d9aef4bde91abc8ad" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=7200 Date Thu, 20 May 2021 12:01:23 GMT Connection keep-alive Accept-Ranges bytes Content-Length 4485 x-amz-id-2 9pVJFQ+kTt5L3fUZ25Gd/qHOBXIH0ALYbfmNjYrUEfeTvsYCWeB4Lii17uxsa7nPL6jc6avwxns=
GET H2	200	userconnect Show response ih.adscale.de/	181 B 341 B	27ms 7ms	Script application/javascript	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/userconnect?ssl=1&sid=YjY2ODA%3D&cbfn=stroeerCoreConnect&ts=1621512083070&umd=false&gdpr_err=CMP_CALL_FAILED Requested by Host: js.adscale.de URL: https://js.adscale.de//userconnect.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT content-length 181 content-type application/javascript
GET H2	200	map Show response ih.adscale.de/ Frame 088B	3 KB 3 KB	17ms 17ms	Document text/html	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/map?format=display&ssl=1 Requested by Host: js.adscale.de URL: https://js.adscale.de//userconnect.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 1a9c1639ece9ca3db0e9c09843ff6fd08ece396fdb29983746fad64f94209001 Request headers :method GET :authority ih.adscale.de :scheme https :path /map?format=display&ssl=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US cookie uu=b8bb236f0ca841f3a93de9ae8fa97b7a; cct=1621512083023; ng=2#2832653804#27025201#4600 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.folkd.com/ Response headers date Thu, 20 May 2021 12:01:23 GMT content-type text/html;charset=ISO-8859-1 content-length 2736 set-cookie tu=4#121319526#48~~450420~450420~1#101~~450420~450420~1#38~~450420~450420~1#39~~450420~450420~1#40~~450420~450420~1#42~~450420~450420~1#108~~450420~450420~1#63~~450420~450420~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None
GET H2	200	nuggad Show response nugmw.userreport.com/rc-ap/ddc4d747-bbe7-49e1-9f85-ea25d05ba7f0/si.nuggad.net/ Redirect Chain https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 https://nugmw.userreport.com/rc-ap/ddc4d747-bbe7-49e1-9f85-ea25d05ba7f0/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715	2 KB 2 KB	59ms 20ms	Script text/javascript	2600:9000:206f:2200:1f:a1b:34c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nugmw.userreport.com/rc-ap/ddc4d747-bbe7-49e1-9f85-ea25d05ba7f0/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:2200:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 / Resource Hash 45dbd38dcaf076e80752464193903f13be62896583d48cb627f80557cf4a51b1 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT via 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront) server nginx/1.18.0 x-amz-cf-pop FRA56-C1 access-control-allow-methods get, post, options content-type text/javascript cache-control s-maxage=0, max-age=0 access-control-allow-credentials true x-cache Miss from cloudfront access-control-allow-headers accept content-length 1882 x-amz-cf-id IJWRi84a35j-4Q6haM7LF3OOPlbvzv1E1qoYNpDBALajsR20OJNjlg== Redirect headers date Thu, 20 May 2021 12:01:23 GMT via 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront) server nginx/1.18.0 x-amz-cf-pop FRA56-C1 access-control-allow-methods get, post, options location https://nugmw.userreport.com/rc-ap/ddc4d747-bbe7-49e1-9f85-ea25d05ba7f0/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715 cache-control s-maxage=0, max-age=0 access-control-allow-credentials true x-cache Miss from cloudfront access-control-allow-headers accept content-length 0 x-amz-cf-id yDxzqi7NKn5b8zNfN9FMnAlGEXxCn39rjvAr3tducyAv5LdmVZG9QQ==
GET H/1.1	200 OK	match.js Show response js.adscale.de/ Frame 088B	4 KB 2 KB	7ms 7ms	Script application/javascript	23.37.42.216 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de/match.js Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.37.42.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-42-216.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id U1s527RNMB4aUS3jiP7nWE6tDG0Hs7Xk Content-Encoding gzip Last-Modified Wed, 19 May 2021 23:35:53 GMT Server AmazonS3 x-amz-request-id 2W74B6HFP72Y03N3 ETag "b75124846aec28a28b7a3441813682d5" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=7200 Date Thu, 20 May 2021 12:01:23 GMT Connection keep-alive Accept-Ranges bytes Content-Length 1700 x-amz-id-2 xvqwiXs6j559kkfAUZ4DhR/uM1mshc76+f2EWzTLNMSOAxYBux2T1j+3v7kOKnAL9u9Oknu1DKU=
GET H2	200	img ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/ Frame 088B Redirect Chain https://bbnaut.ibillboard.com/match/AdScale?partneruid=b8bb236f0ca841f3a93de9ae8fa97b7a&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953beb95afd670%2F1621512083105%2F0%2Fimg%3Ftpid%... https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=101&tpuid=BBID-01-02962260831865416-16292376	49 B 461 B	13ms 13ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=101&tpuid=BBID-01-02962260831865416-16292376 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers Location https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=101&tpuid=BBID-01-02962260831865416-16292376 Date Thu, 20 May 2021 12:01:23 GMT Cache-Control private, max-age=3600 Access-Control-Allow-Credentials true Server nginx Connection close Transfer-Encoding chunked
GET H2	200	nuggad ih.adscale.de/	49 B 265 B	7ms 7ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/nuggad?/nvars/d7=2&d10=3&d2=3&d4=0&d11=2&d8=1&d9=2&d12=2&d1=2&d3=1 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif
GET H2	200	img ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 088B Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=74246519e3c3a45c190abd113... https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi... https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YKZPk9YUOwE2FKKXtkiJsQAA%261192	49 B 481 B	10ms 10ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YKZPk9YUOwE2FKKXtkiJsQAA%261192 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers Pragma no-cache Date Thu, 20 May 2021 12:01:23 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YKZPk9YUOwE2FKKXtkiJsQAA%261192 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 299 Expires Thu, 20 May 2021 12:01:23 GMT
GET H2	200	1 Show response mc.yandex.com/watch/71239210/ Redirect Chain https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A269%3Afu%3A0%3Aen... https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A269%3Afu%3A0%3A...	184 B 266 B	53ms 53ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A269%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A231254377086%3Ahid%3A508854225%3Az%3A120%3Ai%3A20210520140123%3Aet%3A1621512083%3Ac%3A1%3Arn%3A283798415%3Au%3A1621512083609583574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621512082490%3Ads%3A1%2C18%2C138%2C1%2C0%2C0%2C%2C116%2C1%2C%2C%2C%2C276%3Adsn%3A1%2C18%2C137%2C1%2C0%2C0%2C%2C118%2C1%2C%2C%2C%2C276%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621512083%3At%3ADivyaYadav3%20%7C%20user%20details%20%7C%20folkd.com Requested by Host: www.folkd.com URL: https://www.folkd.com/user/DivyaYadav3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 429e4075d474dd017516ce723159ce2e022c8f3e80936556c3ca9a36929d4fd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 May 2021 12:01:23 GMT x-content-type-options nosniff last-modified Thu, 20-May-2021 12:01:23 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 184 x-xss-protection 1; mode=block expires Thu, 20-May-2021 12:01:23 GMT Redirect headers pragma no-cache date Thu, 20 May 2021 12:01:23 GMT last-modified Thu, 20-May-2021 12:01:23 GMT location /watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A269%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A231254377086%3Ahid%3A508854225%3Az%3A120%3Ai%3A20210520140123%3Aet%3A1621512083%3Ac%3A1%3Arn%3A283798415%3Au%3A1621512083609583574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621512082490%3Ads%3A1%2C18%2C138%2C1%2C0%2C0%2C%2C116%2C1%2C%2C%2C%2C276%3Adsn%3A1%2C18%2C137%2C1%2C0%2C0%2C%2C118%2C1%2C%2C%2C%2C276%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621512083%3At%3ADivyaYadav3%20%7C%20user%20details%20%7C%20folkd.com strict-transport-security max-age=31536000 access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 20-May-2021 12:01:23 GMT
GET H2	200	img ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 088B Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=dedfd360f2eb722ab6790f1... https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74	49 B 505 B	10ms 10ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers Date Thu, 20 May 2021 12:00:50 GMT Server MT3 3736 915c305 master cdg-pixel-x29 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 20 May 2021 12:00:49 GMT
GET H2	200	img ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/ Frame 088B Redirect Chain https://track.adform.net/serving/cookie/match/?party=9&uid=0308219da88fa8bfed4b6a1985e50aea463aca2f916cdfe9c0102a815ba9c0bf&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb4953b... https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=0308219da88fa8bfed4b6a1985e50aea463aca2f916cdfe9c0102a815ba9c0bf&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d9eb... https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=42&tpuid=6782935533014223468	49 B 515 B	29ms 28ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=42&tpuid=6782935533014223468 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers pragma no-cache date Thu, 20 May 2021 12:01:23 GMT server nginx location https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?tpid=42&tpuid=6782935533014223468 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	img ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 088B Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u... https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa218aa1-8deb-45ae-85dd-9f85423de582	49 B 537 B	29ms 28ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa218aa1-8deb-45ae-85dd-9f85423de582 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers pragma no-cache x-errorlevel 0 server Microsoft-IIS/10.0 date Thu, 20 May 2021 12:01:22 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=aa218aa1-8deb-45ae-85dd-9f85423de582 cache-control no-cache server-processing-duration-in-ticks 1504 content-type text/html; charset=utf-8 content-length 237 expires Thu, 20 May 2021 00:00:00 GMT
GET H2	200	img ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 088B Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=47592bc8e381f664848ad6cf... https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74	49 B 559 B	16ms 16ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers Date Thu, 20 May 2021 12:00:50 GMT Server MT3 3736 915c305 master cdg-pixel-x14 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b45760a6-4f93-4a00-a738-8d009dadab74 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 20 May 2021 12:00:49 GMT
GET H2	200	img ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/ Frame 088B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488... https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4... https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&tpuid=CAESENrFO0ajIXdilk-cvUbsOqE&google...	49 B 577 B	12ms 12ms	Image image/gif	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&tpuid=CAESENrFO0ajIXdilk-cvUbsOqE&google_cver=1 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 49 content-type image/gif Redirect headers pragma no-cache date Thu, 20 May 2021 12:01:23 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/img?uid=0d72ce447a894ccc1458b13577e3125ece682a9b772067b8c62040fe044642ff&tpid=38&tpuid=CAESENrFO0ajIXdilk-cvUbsOqE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 413 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/ Frame 088B Redirect Chain https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d98db21e679e7dd6ed8477adc07c4ad88833cb62f027ce7abbd614788763b2b0&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d... https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d98db21e679e7dd6ed8477adc07c4ad88833cb62f027ce7abbd614788763b2b0&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F488ef9dafd704d... https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/js?tpid=48&tpuid=82e1fa85a25baa441f8fa8429da9dd1c	44 B 595 B	23ms 23ms	Script text/javascript	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/js?tpid=48&tpuid=82e1fa85a25baa441f8fa8429da9dd1c Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash 8745280ff4fba507838e6e8cc8922ee7e4021bbb26a088d4e7a08b1ca480189b Request headers Referer https://ih.adscale.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT p3p CP=NOI PSA OUR content-length 44 content-type text/javascript Redirect headers Location https://ih.adscale.de/sium/488ef9dafd704d9eb4953beb95afd670/1621512083105/0/js?tpid=48&tpuid=82e1fa85a25baa441f8fa8429da9dd1c Date Thu, 20 May 2021 12:01:23 GMT Server nginx Connection keep-alive Content-Type text/plain; charset=utf-8 Content-Length 147 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
POST H2	200	sium Show response ih.adscale.de/ Frame 088B	0 190 B	26ms 25ms	XHR application/json	52.28.135.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/sium Requested by Host: js.adscale.de URL: https://js.adscale.de/match.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.28.135.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-135-225.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ih.adscale.de/map?format=display&ssl=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ih.adscale.de date Thu, 20 May 2021 12:01:23 GMT access-control-allow-credentials true access-control-allow-headers x-openrtb-version content-length 0 access-control-allow-methods GET, POST, OPTIONS content-type application/json
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 7 KB	26ms 26ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 862a40946844e55c5f7ab35a55be30a27f4917c3a973077ce733a11231427ff7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 20 May 2021 12:01:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7582 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	34ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 12:01:23 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Thu, 20 May 2021 12:01:23 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame C36A	12 KB 5 KB	14ms 12ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.folkd.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Thu, 20 May 2021 11:58:38 GMT expires Fri, 20 May 2022 11:58:38 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 165 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response pagead2.googlesyndication.com/bg/ Frame C36A	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 11:24:26 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 2217 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 expires Fri, 20 May 2022 11:24:26 GMT
GET H/1.1	200 OK	launcher.js Show response sak.userreport.com/sdm/	104 KB 32 KB	79ms 29ms	Script application/javascript	2600:9000:218e:fa00:8:5c85:cdc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sak.userreport.com/sdm/launcher.js Requested by Host: si.nuggad.net URL: https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:218e:fa00:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d614a38ece16ed47c3af4d61f5b99f6a1b668526d47fd5fe93b19459273a1961 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id sWrYSLqsQlcXCNntUF8JvkdB.T4gE7_S Content-Encoding gzip ETag W/"bda6d36d4c7e0a8c7cdcadbef248c9f4" Age 39 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 19 Apr 2021 08:08:31 GMT Server AmazonS3 Date Thu, 20 May 2021 12:00:45 GMT Vary Accept-Encoding Content-Type application/javascript Via 1.1 047bf774bd56c377ffa47dc61e91fca3.cloudfront.net (CloudFront) Cache-Control max-age=7200, s-maxage=60 X-Amz-Cf-Pop CDG52-P1 X-Amz-Cf-Id gcSLvxfUZzUkKybHe9CfRSQKua5fyw4GBRLpQa63NES2lNUmas-9Ug==
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	17ms 15ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=1069755509922903&bg=!cnGlcTXNAAZ7hX_Ue4U7ACkAdvg8WliITLoB6IAqi1AaurlWOxOf8hdvX00QM5wUQG5mzfL4yU24OQIAAABYUgAAAA9oAQcKAUSd4Ebsfk9bHhCVzbSme1YmJ3p-QtmQCDdqSw3bbpZOJKozxXQOg-FcycnzNu8aRftnFty7gN8xuc6CKZn6q8W_UoJSGkEiXkQecS1WTieSheoArvGxgPOUDo_f022CMTNf_k9PMC_Puebm-CN5KCyhikfi1U-s77SGV0JElP2frnshbucMIRoZWF1AisQXCH5siHpCslBf_FWNcM9oqtyXM6sdF0IGCAbMwbeHfbm5JRHhYtooXk5Npng9FR9FJDtvQPGw_PlMuZo5XXXPhkzoFDfkXsKvjJaVFRzNRCnWkfy4Lts9iO2umPp8eQ05f64Hyq1hYB0maTFMGXD1bpfj9HFbXcQo2nIEA6bIUXDe7pI3iw99wxiFBQ8IbkBuQjrec3UkmpQbvFU_jG_xJxZGEmWN2FTDdpPHRQrh7wL3gb4r056ZAjrn2vJhZz1WwODUFzhLrPMojDdCEFcmIWmWT6QWYI6sfJy8GkY8yvTZeLR4dbiMzltAXSlqRfh2IE9afqY-QAOnTJrpz35XoJyxETIx91DV9SzKMNv-htgFBC4c6zdZBo6rU-T7UFSw-5p8IvMC36fmyTqGWU8jmQzkp3lhT6GHzHKNck1DXEWsYIALshdBH3YNhLh-xQvLGASSOaUti5WkbnS9MDgDjcNYJhorQLesJS0m9pmrg9DzG_SvXyJCVD_g5j3T5rR7yMNW7BMUYcB4rPyMLgpjQr_5ZSL_Opea6Snun2Nk5A6fIrHremMJfSBBznwKSjc79FSExpjVvwV8g8yVEgqdKeNNbC2pV5wiKCR23de-Es_AKWjpf_be2VN6pUoJBEIZ8OR2Qv7U6-Pn5RbI2Kb5xk1DTqwvRLC3MwPXS5qRQNCvHajx65brsKy-z7F7I0CbIvC6O9vlijBhKFmXL0F__-5XphvxDT5LCyiPbt5o6v5DNrIgAc6dkNshoKKb9jTnu62wSM-sYVqiQXslh_0ZHjXh3PD8iPQXe6uh7cbrKy_XBJAOc8_Pm2eBpvzZKy4oVsKvI5ZsHJuG6EN5byOdxiO4_UjTgUc6FicgZHu3euTK-ZpdRVJjdBW3KZUGXDYRuy_GHB1NV4fvu-7w8EJsrIicovwUKuA8-SeY_r3zh5s5Npb3ocjHb9uCWCrX1kGIb7jcSJgGMiOjlxOaeUklixupgVsxXK_Se3D6NRaK27FyLaA Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 20 May 2021 12:01:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	71239210 Show response mc.yandex.com/webvisor/	43 B 145 B	148ms 148ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=508854225&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&rn=360553547&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621512085%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210520140125%3Au%3A1621512083609583574%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621512085 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 20 May 2021 12:01:25 GMT last-modified Thu, 20-May-2021 12:01:25 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 20-May-2021 12:01:25 GMT
POST H2	200	71239210 Show response mc.yandex.com/webvisor/	43 B 73 B	151ms 150ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=508854225&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2FDivyaYadav3&rn=675649372&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1621512085%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210520140125%3Au%3A1621512083609583574%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621512085 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 20 May 2021 12:01:25 GMT last-modified Thu, 20-May-2021 12:01:25 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 20-May-2021 12:01:25 GMT