folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.xyz/premium303&ved=2...
Effective URL:
https://folkd.com/
Submission: On December 04 via manual (December 4th 2023, 5:18:28 am UTC) from KH — Scanned from CH

Summary HTTP 695 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 72 IPs in 12 countries across 85 domains to perform 695 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.

This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:cc42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
110	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a01:7e00:1::... 2a01:7e00:1::b903:5c4c	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	18.154.63.108 18.154.63.108	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 10	35.193.186.65 35.193.186.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.16.224.78 104.16.224.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:3000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
1	52.40.111.159 52.40.111.159	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.173.233.47 18.173.233.47	16509 (AMAZON-02) (AMAZON-02)
1	18.154.70.139 18.154.70.139	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	54.194.196.88 54.194.196.88	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	45.132.244.92 45.132.244.92	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	5.9.19.146 5.9.19.146	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:81c::201b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:9fcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.53.42.80 103.53.42.80	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
1	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.251.85.8 162.251.85.8	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	68.178.145.107 68.178.145.107	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a02:4780:11:... 2a02:4780:11:1102:0:3a78:25a8:7	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
7 79	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
53	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
19	2600:9000:205... 2600:9000:2057:c000:1b:83f3:bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
56	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3 31	34.255.27.143 34.255.27.143	16509 (AMAZON-02) (AMAZON-02)
11	51.20.47.97 51.20.47.97	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	217.79.188.60 217.79.188.60	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
9	18.154.63.48 18.154.63.48	16509 (AMAZON-02) (AMAZON-02)
76	3.227.250.155 3.227.250.155	14618 (AMAZON-AES) (AMAZON-AES)
8 8	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8 8	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 9	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	69.166.1.67 69.166.1.67	27630 (AS-XFERNET) (AS-XFERNET)
6 6	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4 4	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2a05:d018:d29... 2a05:d018:d29:3605:885b:36b0:5c58:578	16509 (AMAZON-02) (AMAZON-02)
4 4	54.172.57.125 54.172.57.125	14618 (AMAZON-AES) (AMAZON-AES)
6 6	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
9	18.193.96.13 18.193.96.13	16509 (AMAZON-02) (AMAZON-02)
10 10	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2 4	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
6	3.253.142.96 3.253.142.96	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 6	18.245.60.72 18.245.60.72	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.156.218.59 35.156.218.59	16509 (AMAZON-02) (AMAZON-02)
2 2	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
695	72

11 76.76.21.21 (Walnut, United States) 2 redirects

ASN16509 (AMAZON-02, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:cc42 (United States)

ASN13335 (CLOUDFLARENET, US)

folkd0612.bubbleapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

110 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.63.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-108.dus51.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.193.186.65 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.186.193.35.bc.googleusercontent.com

xeqe-t3lw-i7hv.n7.xano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.224.78 (None, )

ASN13335 (CLOUDFLARENET, US)

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:3000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.111.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-111-159.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-47.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.70.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-70-139.dus51.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.196.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.132.244.92 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202008124861124469.goodsrv.de

orchidlifesciences.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.19.146 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: heimdall.protondns.net

windsorhelmets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9fcb (United States)

ASN13335 (CLOUDFLARENET, US)

www.ausadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.53.42.80 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)

blogstudiio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.251.85.8 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-251-85-8.unifiedlayer.com

allwinrotoplast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.178.145.107 (Mumbai, India)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 107.145.178.68.host.secureserver.net

audi-kolkata.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:11:1102:0:3a78:25a8:7 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)

acservicesmadurai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 172.217.16.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2057:c000:1b:83f3:bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 34.255.27.143 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.20.47.97 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.154.63.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-48.dus51.r.cloudfront.net

matchadsrvr.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 3.227.250.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-250-155.compute-1.amazonaws.com

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.1.9 (France) 8 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.78 (United Kingdom) 8 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.151.101 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.166.1.67 (United States) 5 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.52.2.48 (United States) 6 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.160.23 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:885b:36b0:5c58:578 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.172.57.125 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-57-125.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.18 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.193.96.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.228.174.117 (United Kingdom) 10 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.79 (Schiphol, Netherlands) 2 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.253.142.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

s.update.tas.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.245.60.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.218.59 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-218-59.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.95 (Hickory Hills, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	googlesyndication.com 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	683 KB
110	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	531 KB
110	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	121 KB
76	amazonaws.com kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1312	21 KB
65	yieldmo.com 3 redirects static.yieldmo.com — Cisco Umbrella Rank: 2599 ads.yieldmo.com — Cisco Umbrella Rank: 582 matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 2927 s.update.tas.yieldmo.com — Cisco Umbrella Rank: 10057	2 MB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	3 MB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	764 KB
11	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1550	3 KB
11	criteo.com 9 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 dis.criteo.com — Cisco Umbrella Rank: 550	11 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
11	folkd.com 2 redirects www.folkd.com folkd.com	17 KB
10	xano.io 2 redirects xeqe-t3lw-i7hv.n7.xano.io	20 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	363 KB
10	monu.delivery monu.delivery — Cisco Umbrella Rank: 27986 imps.monu.delivery — Cisco Umbrella Rank: 32801	182 KB
9	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	307 B
9	casalemedia.com 7 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	6 KB
8	pubmatic.com 8 redirects image6.pubmatic.com — Cisco Umbrella Rank: 793 image8.pubmatic.com Failed	4 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 o.clarity.ms — Cisco Umbrella Rank: 7310 c.clarity.ms — Cisco Umbrella Rank: 1377	23 KB
7	openx.net oajs.openx.net — Cisco Umbrella Rank: 1639 Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 eu-u.openx.net — Cisco Umbrella Rank: 2473 us-u.openx.net — Cisco Umbrella Rank: 491 u.openx.net Failed	1 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245	143 KB
7	bubbleapps.io folkd0612.bubbleapps.io	1 MB
6	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	2 KB
6	3lift.com 6 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	3 KB
6	lijit.com 6 redirects ap.lijit.com — Cisco Umbrella Rank: 650	4 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
5	sonobi.com 5 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 951	4 KB
5	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258 Failed	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 storage.googleapis.com — Cisco Umbrella Rank: 287	35 KB
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229 Failed	3 KB
4	stackadapt.com 4 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	6 KB
4	media.net 4 redirects cs.media.net — Cisco Umbrella Rank: 1381 contextual.media.net Failed	3 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com Failed	2 KB
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	1007 B
3	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17335 ad4.adfarm1.adition.com — Cisco Umbrella Rank: 65170	11 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	acuityplatform.com 2 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	1 KB
2	zemanta.com b1sync.zemanta.com — Cisco Umbrella Rank: 586 Failed	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336 Failed	1 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567	177 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	18 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	304 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	454 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	710 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	761 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	acservicesmadurai.com acservicesmadurai.com	2 KB
1	audi-kolkata.in audi-kolkata.in	3 KB
1	allwinrotoplast.com allwinrotoplast.com	17 KB
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1708	8 KB
1	blogstudiio.com blogstudiio.com	182 KB
1	ausadvisor.com www.ausadvisor.com	137 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11479	116 KB
1	windsorhelmets.com windsorhelmets.com	303 KB
1	orchidlifesciences.com orchidlifesciences.com	80 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4118	474 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	bubble.io 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	80 KB
0	iqzone.com Failed xsync.iqzone.com Failed
0	bluekai.com Failed stags.bluekai.com Failed
0	loopme.me Failed csync.loopme.me Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	agkn.com Failed aa.agkn.com Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	bttrack.com Failed bttrack.com Failed
0	adentifi.com Failed rtb.adentifi.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	rubiconproject.com Failed pixel-eu.rubiconproject.com Failed
0	tapad.com Failed pixel.tapad.com Failed
0	inmobi.com Failed sync.inmobi.com Failed
0	lkqd.net Failed cs.lkqd.net Failed
0	dotomi.com Failed dclk-match.dotomi.com — Cisco Umbrella Rank: 2627 Failed yieldmo-match.dotomi.com Failed
0	turn.com Failed ad.turn.com Failed
695	85

	Domain	Requested by
110	cdn.jsdelivr.net	folkd.com folkd0612.bubbleapps.io securepubads.g.doubleclick.net
79	cm.g.doubleclick.net	7 redirects google-bidout-d.openx.net 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com googleads.g.doubleclick.net ads.yieldmo.com folkd.com
76	kinesis.us-east-1.amazonaws.com	static.yieldmo.com
56	pagead2.googlesyndication.com	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com folkd.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
53	tpc.googlesyndication.com	folkd.com 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
31	ads.yieldmo.com	3 redirects 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com folkd.com static.yieldmo.com
20	s0.2mdn.net	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com folkd.com s0.2mdn.net
19	static.yieldmo.com	folkd.com static.yieldmo.com 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
19	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
13	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
12	www.googletagservices.com	folkd.com 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
11	protected-by.clarium.io	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
11	www.google.com	folkd0612.bubbleapps.io 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com tpc.googlesyndication.com
10	xeqe-t3lw-i7hv.n7.xano.io	2 redirects cdn.jsdelivr.net
10	folkd.com	1 redirects folkd.com folkd0612.bubbleapps.io
9	match.sharethrough.com	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
9	matchadsrvr.yieldmo.com	static.yieldmo.com
9	googleads.g.doubleclick.net	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com folkd.com
8	image6.pubmatic.com	8 redirects
8	dis.criteo.com	8 redirects ads.yieldmo.com
7	folkd0612.bubbleapps.io	folkd.com folkd0612.bubbleapps.io
6	sb.scorecardresearch.com	1 redirects 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
6	s.update.tas.yieldmo.com	folkd.com s.update.tas.yieldmo.com
6	eb2.3lift.com	6 redirects
6	ap.lijit.com	6 redirects
6	ssum-sec.casalemedia.com	6 redirects
6	imps.monu.delivery	folkd.com
6	fonts.gstatic.com	fonts.googleapis.com
5	sync.1rx.io	5 redirects ads.yieldmo.com
5	sync.go.sonobi.com	5 redirects
5	sync.targeting.unrulymedia.com	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
4	onetag-sys.com	2 redirects 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
4	ib.adnxs.com	ads.yieldmo.com googleads.g.doubleclick.net
4	sync.srv.stackadapt.com	4 redirects ads.yieldmo.com
4	cs.media.net	4 redirects
4	o.clarity.ms	www.clarity.ms
4	www.gstatic.com	www.google.com folkd.com 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
4	monu.delivery	folkd.com monu.delivery
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	pr-bh.ybp.yahoo.com	3 redirects
3	cms.quantserve.com	1 redirects 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
3	us-u.openx.net	1 redirects google-bidout-d.openx.net googleads.g.doubleclick.net
3	q.stripe.com	folkd.com
3	fonts.googleapis.com	folkd0612.bubbleapps.io 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com folkd.com
3	js.stripe.com	folkd.com js.stripe.com
2	googleads4.g.doubleclick.net	folkd.com
2	c.clarity.ms	1 redirects
2	ums.acuityplatform.com	2 redirects
2	b1sync.zemanta.com	ads.yieldmo.com
2	x.bidswitch.net	ads.yieldmo.com
2	ad4.adfarm1.adition.com	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com folkd.com
2	aax-eu.amazon-adsystem.com	1 redirects google-bidout-d.openx.net ads.yieldmo.com
2	c1.adform.net	2 redirects ads.yieldmo.com
2	storage.googleapis.com	folkd.com
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.confiant-integrations.net	monu.delivery cdn.confiant-integrations.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	folkd.com www.clarity.ms
1	trace.mediago.io	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	c.bing.com	1 redirects
1	ad.doubleclick.net	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
1	imagesrv.adition.com	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
1	match.adsrvr.org	google-bidout-d.openx.net ads.yieldmo.com
1	eu-u.openx.net	google-bidout-d.openx.net
1	acservicesmadurai.com	folkd.com
1	audi-kolkata.in	folkd.com
1	allwinrotoplast.com	folkd.com
1	cdn.shopify.com	folkd.com
1	blogstudiio.com	folkd.com
1	www.ausadvisor.com	folkd.com
1	1.bp.blogspot.com	folkd.com
1	windsorhelmets.com	folkd.com
1	orchidlifesciences.com	folkd.com
1	mug.criteo.com	folkd.com
1	esp.rtbhouse.com	folkd.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	oajs.openx.net	folkd.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	folkd.com
1	cdnjs.cloudflare.com	folkd.com
1	www.googletagmanager.com	folkd.com
1	www.folkd.com	1 redirects
0	xsync.iqzone.com Failed	ads.yieldmo.com
0	stags.bluekai.com Failed	ads.yieldmo.com
0	csync.loopme.me Failed	ads.yieldmo.com
0	match.prod.bidr.io Failed	ads.yieldmo.com
0	aa.agkn.com Failed	ads.yieldmo.com
0	ssbsync.smartadserver.com Failed	ads.yieldmo.com
0	rtb.mfadsrvr.com Failed	ads.yieldmo.com
0	cs.admanmedia.com Failed	ads.yieldmo.com
0	idsync.rlcdn.com Failed	ads.yieldmo.com
0	contextual.media.net Failed	ads.yieldmo.com
0	bttrack.com Failed	ads.yieldmo.com
0	u.openx.net Failed	ads.yieldmo.com
0	yieldmo-match.dotomi.com Failed	ads.yieldmo.com
0	rtb.adentifi.com Failed	ads.yieldmo.com
0	ups.analytics.yahoo.com Failed	ads.yieldmo.com
0	image8.pubmatic.com Failed	ads.yieldmo.com
0	bh.contextweb.com Failed	ads.yieldmo.com
0	pixel-eu.rubiconproject.com Failed	ads.yieldmo.com
0	pixel.tapad.com Failed	ads.yieldmo.com
0	sync.inmobi.com Failed	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
0	cs.lkqd.net Failed	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
0	dclk-match.dotomi.com Failed	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
0	ad.turn.com Failed	738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
695	117

This site contains links to these domains. Also see Links.

Domain
orchidlifesciences.com
windsorhelmets.com
www.esskaymachines.com
www.zeropromosi.com
www.ausadvisor.com
blogstudiio.com
proudpoppyclothing.com.au
allwinrotoplast.com
audi-kolkata.in
acservicesmadurai.com

Subject Issuer	Validity	Valid
folkd.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2023-02-23` - `2024-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.n7.xano.io R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
bubble.io Cloudflare Inc ECC CA-3	`2023-11-16` - `2024-11-15`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
imps.monu.delivery GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
orchidlifesciences.com R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
windsorhelmets.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ausadvisor.com GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
blogstudiio.com R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
cdn.shopify.com E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
allwinrotoplast.com R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
audi-kolkata.in Go Daddy Secure Certificate Authority - G2	`2023-02-22` - `2024-02-22`	a year	crt.sh
acservicesmadurai.com ZeroSSL RSA Domain Secure Site CA	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.yieldmo.com Amazon RSA 2048 M02	`2023-05-21` - `2024-06-18`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
protected-by.clarium.io Amazon RSA 2048 M03	`2023-11-16` - `2024-12-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
post.update.tas.yieldmo.com R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh

This page contains 60 frames:

Primary Page: https://folkd.com/
Frame ID: 5F7F4AECBB1854562FF5271D947B22BB
Requests: 203 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 1EE4C52E97409AC0637AA997486E676A
Requests: 4 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 98E97E57382590F499252EBDBDCB76DC
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 286D6CFD9422A1D72BFBCC85C06E1173
Requests: 4 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 400727046BA939A31D772E7D9FEA5609
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: 368914A2882C25F01A3268E2AB575BD3
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: 8830A51641F6F4DA73E707D2CE8ACE74
Requests: 6 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 53E8750C4C806DC897EA7AB32A13CA4D
Requests: 5 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9EF42596C38C94E409670E990ED0B6B7
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: FD42D420DD182BA98E52F46ECB2D2A21
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C5F89D4B0EB5C9E1B75ACB395B18BE7
Requests: 9 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E624904BDEAA2B0C67978E303FBCB7C9
Requests: 23 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4272860968FE22C2C91C3282AAB0C935
Requests: 21 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 443746F36BE1CFAD72C1EDB3BCF23334
Requests: 22 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52E048374E640108759BDDF72F500143
Requests: 22 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C930388EDB82DECBF278724B8EE32C90
Requests: 16 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBA4258DC404F4762D8AA77111866EA1
Requests: 16 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8169BD455FA506804F202EBD1F7BE0CE
Requests: 16 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4233218B0406B541CC3563FBFEF73722
Requests: 20 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E44F84FB1DCA80CE6C79B5C6BB1C0EF
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8769FA0DD2718BBE96C5C69D89507FC4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 146CAC947C7011CB266C5A4C8E659BEB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7DEC3980B8E1131097DA4EDC30B8790C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1905796042C5F249F4474583AB424D9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 638980EDF98D7392526C36DE97F013C5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EFE7BE91877582D60068322C90D72826
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDF638BFCCC4D1589CCEE6B373347791
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjK4fj_ATAB&v=APEucNWp65aovdv-zU1nERpAnw1G_oz7TRzMs4-OMo108fcioxpwmivzFvbdvNUMaVhK9lxfoKCUuVxVvSiRwtCPdFoPm1VEhQ
Frame ID: 41413F490D8944B01F32849CBEDB3499
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F132A88012F581D07978E194316B02B9
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: E74A2EFBFEA09026BD6D93CB00D27E9C
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 8DCCFA22C5A46379C65535C3ECDA1C84
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: B35B1A519A07535FB69B008B9413E046
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 8981B2705102F85808C58D0601FDE2F2
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 8C34724AAD7B746322C5D065E968B117
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 21472A0521778D911A162E15A1A5690B
Requests: 1 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3420950681100687039&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3420950681100687039&bt=programmatic&gt=ch
Frame ID: 875CDDF33AD4607FD8E6F663C2BB8BDD
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 9344CE2941679246FBBF65E631DA3046
Requests: 5 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: A9F6597650B5734441A03E14D1F8FFFA
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: BC8156E4A1842BD21BFB3ABD7A1D6A49
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 9B842BBE3BA12C66074E9F50F1D5198B
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 9761F34D2F817E17C86996C9179321D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 380AD9679DC72D9A4473EEAEB4F95F33
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: FA5A7026150F9DD0CBFC798A41FC5F63
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 064D014EEF3CFDD7618523D7668D16B6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 400F66FA696342A3D3F2C8A7BA149A31
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E724950800E7E5AD670CDC944F227444
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E71266B9C69DCF8F47613CF410E9E4EB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60C252840D6278238FDEFBEB97DC6A66
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1037BB0A0D212077F1F825122FAA5F8A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E806A723DA158E4DA84E587A7ECFCE78
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BBE0C019BF1291E9A8DB1F451DF4FEFE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BEBAEC3B90D3C79AAA0564A4A48793E
Requests: 2 HTTP requests in this frame

Frame: blob://https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/b214d79c-b8c9-4f43-9ada-0f667e343df5
Frame ID: E0FD445C4E7B7C1E5AB5748D826A83B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD2B3F1EF00E62583C73FCE36545806E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BF8FE9811475ECADA778BDAC7266E17
Requests: 2 HTTP requests in this frame

Frame: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 177908FFFB14D2B9B773121D5D565CA8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQ7crM8gIYz5L7_gEwAQ&v=APEucNVS2UYkrVZyU3gGIWRKyP5irGcpbsxI31IMl71i2PlVLHGMMlZ46mlNpSY-XgJ3UWhNahHoG98K00E7Rdr2G9rIU0TzPA
Frame ID: A8D583AE08450B8D1A750CDE34594DA4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F35DB20AEBA898D356EF3D4635462E20
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F59484F4C29F117C73EFB2CDAFA95119
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
Frame ID: 1DA5C9D1095D677A75DC25D666E3D4EF
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Folkd | Home

Page URL History Show full URLs

https://www.folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.... HTTP 307
https://folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.... HTTP 301
https://folkd.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

695
Requests

83 %
HTTPS

37 %
IPv6

85
Domains

117
Subdomains

72
IPs

12
Countries

9682 kB
Transfer

25722 kB
Size

75
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://orchidlifesciences.com/cosmetic-manufacturers-in-pune/

Search URL Search Domain Scan URL

URL: https://windsorhelmets.com/finding-the-nearest-helmet-shop-for-your-safety-needs-a-guide/

Search URL Search Domain Scan URL

URL: https://www.esskaymachines.com/

Search URL Search Domain Scan URL

URL: https://www.zeropromosi.com/2020/01/jual-souvenir-tumbler-stainless-steel.html

Search URL Search Domain Scan URL

URL: https://www.ausadvisor.com/chavara-australia-bridging-cultures-through-matrimony/

Search URL Search Domain Scan URL

URL: https://blogstudiio.com/how-do-i-franchise-my-car-wash-business-without-mistakes-identify-them-first/

Search URL Search Domain Scan URL

URL: https://proudpoppyclothing.com.au/collections/kasey-rainbow-dresses

Search URL Search Domain Scan URL

URL: https://allwinrotoplast.com/blog/how-fish-tubs-keep-fish-fresh-and-safe

Search URL Search Domain Scan URL

URL: https://audi-kolkata.in/a8l.php

Search URL Search Domain Scan URL

URL: https://acservicesmadurai.com/washing-machine-service-in-madurai/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.xyz/premium303&ved=2ahUKEwiOi_TirNyCAxV0wzgGHePeCgoQFnoECA0QAQ&usg=AOvVaw1RYWQXIW4DElKV3FpD7SuP/ HTTP 307
https://folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.xyz/premium303&ved=2ahUKEwiOi_TirNyCAxV0wzgGHePeCgoQFnoECA0QAQ&usg=AOvVaw1RYWQXIW4DElKV3FpD7SuP/ HTTP 301
https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Request Chain 102

https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Lf3ISnxxQnpaN3dIZzVNSEhxNGo4RkdySlBCSGZtR243NXlwMzB5b0p2R1dlR1ljU3huK0QyVHRRbXY2bktnOWkyWVNGcnplWSt3a05tSjBwZm84dURhMUZkM1doaU1KSU4ydWNoNlpOUVEwNnBjVmZyenVGTSthUVZlZCtDUGpONjJITEs0Z1dQNUwrUTZueUsvOHR4Z0czMXRBenRlaFpjenk1Rm9rdTR2N2IxN1JEOUlMVzNySERoOGljK1hoTXF2WW56OU9DZ1Z1czNNQXA1NjBiNGVnaGRUMGhOald0MVo1WXpZWXZsQjB5RHR3cnhOb2VXemtYelR6U1FUaHlqY0V0eVdSNEx6K3gvbWhRYys2NVYwRFZQUT09fA&cppv=2

Request Chain 169

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../logo+zero+kecil.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../logo%20zero%20kecil.jpg

Request Chain 171

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../matrimo.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../matrimo.jpg

Request Chain 208

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8594898887817346856

Request Chain 209

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fb1dd5ac-3af1-8b23-9c15-0c5f295a7ac4 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fb1dd5ac-3af1-8b23-9c15-0c5f295a7ac4&dcc=t

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1

Request Chain 329

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFCMCdXIho9-Nb-qlEmBWjQ&google_cver=1&google_push=AXcoOmSb50usLir55i3083yGnn2sw8fu8o7ZT_DoYefZhzSSnUzG-N6iXaiLwd0AwT_IArYJVPQhSWdNJRFMqcWG1LBGgOjmj5nw HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=47cf8806d06117e5&is_secure=true&networkId=14000&version=1&google_gid=CAESEFCMCdXIho9-Nb-qlEmBWjQ&google_cver=1&google_push=AXcoOmSb50usLir55i3083yGnn2sw8fu8o7ZT_DoYefZhzSSnUzG-N6iXaiLwd0AwT_IArYJVPQhSWdNJRFMqcWG1LBGgOjmj5nw

Request Chain 330

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZPyMixOV49-6WQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZPyMixOV49-6WQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZPyMixOV49-6WQ&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Request Chain 331

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOYrEoBiycuoiDYJ2Yav-24&google_cver=1&google_push=AXcoOmTL6VfvYs12iGNqkNSXS53bfb-7HDSkOM2PPZaG5wxfQJ4dD66jqzRtXN_0m0dZ1vxE4mDmtYbJopQEKIw97JJoIlGg2e-C-w HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f5891b64ca&gdpr=0&gdpr_consent=

Request Chain 332

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPPWFoqYvgqWFUvdh_dUsAg&google_cver=1&google_push=AXcoOmQEK8lRjhHiWpyo-4DSTN00sMKrllItJgs-1zMICOtACFTGs5jpWpoQlkitbBGA4A7LTcQxxI8jm9WcfOs8PtB8MKHTkqMB HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQEK8lRjhHiWpyo-4DSTN00sMKrllItJgs-1zMICOtACFTGs5jpWpoQlkitbBGA4A7LTcQxxI8jm9WcfOs8PtB8MKHTkqMB&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1701667102026 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQEK8lRjhHiWpyo-4DSTN00sMKrllItJgs-1zMICOtACFTGs5jpWpoQlkitbBGA4A7LTcQxxI8jm9WcfOs8PtB8MKHTkqMB%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY

Request Chain 343

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTZolraBZts7pc4x8WC3ItKGaj5-gRZqTJl3H4G_omH63Rdut6GmFxoFTM61Y4Ym53iIpbry_hVC-HSmmqG3gufpbjiwwrf&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTZolraBZts7pc4x8WC3ItKGaj5-gRZqTJl3H4G_omH63Rdut6GmFxoFTM61Y4Ym53iIpbry_hVC-HSmmqG3gufpbjiwwrf

Request Chain 344

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmR1v5eGJXbqb8rDB6gPf-6ALIV0jkq3GfXsc9m6apJLP77Y0chwnvRUoKrlEK6EWmqi4U9hBRlM8Xjq3wiRQ-X68mH_C_Rz HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmR1v5eGJXbqb8rDB6gPf-6ALIV0jkq3GfXsc9m6apJLP77Y0chwnvRUoKrlEK6EWmqi4U9hBRlM8Xjq3wiRQ-X68mH_C_Rz&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=if_zpGoxQOi43TEU9lvKcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR1v5eGJXbqb8rDB6gPf-6ALIV0jkq3GfXsc9m6apJLP77Y0chwnvRUoKrlEK6EWmqi4U9hBRlM8Xjq3wiRQ-X68mH_C_Rz

Request Chain 345

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_cver=1&google_push=AXcoOmS23FnWv2odTiZjXHchcZQM96nLI3aMDFsNivLjUwAIQPsk9pmxJ-UDJKZgMKu21skrJaydpG_zppj8SExdCEkpNHxj6eE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_push=AXcoOmS23FnWv2odTiZjXHchcZQM96nLI3aMDFsNivLjUwAIQPsk9pmxJ-UDJKZgMKu21skrJaydpG_zppj8SExdCEkpNHxj6eE&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHkOAi-wH-Vr81cCwrwAADQsAAAIB&google_nid=index&google_push=AXcoOmS23FnWv2odTiZjXHchcZQM96nLI3aMDFsNivLjUwAIQPsk9pmxJ-UDJKZgMKu21skrJaydpG_zppj8SExdCEkpNHxj6eE

Request Chain 346

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRC-yUlFg4MMO5BazIkiiHKGr7DR4ff4MtT9keLOYdhFuQDfi7fmFSx_3-rYh7zy7VYbgZyXOphrLCaBWaE4yZknMCvYTks%26google_hm%3D%5BUID%5D&google_gid=CAESEIz9bn3PzC8Q7i7Uz8u2dIs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRC-yUlFg4MMO5BazIkiiHKGr7DR4ff4MtT9keLOYdhFuQDfi7fmFSx_3-rYh7zy7VYbgZyXOphrLCaBWaE4yZknMCvYTks&google_hm=4e99d381-35e8-44a5-862c-7683f40a8f58

Request Chain 347

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs300llbt00hh HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs300llbt00hh&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs300llbt00hh&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Request Chain 348

https://ads.yieldmo.com/exptsync?google_gid=CAESEFLxQDcnCVlnwQQEeEywfAY&google_cver=1&google_push=AXcoOmSquSC1szoCPgqGKIMP7o5TsRQJAKQcGuq7ts7Yzu03bkppwPgld46tP7s7kFj2mr0widdJ0O-XyVU0pnHCMtHAt79F4ieF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSquSC1szoCPgqGKIMP7o5TsRQJAKQcGuq7ts7Yzu03bkppwPgld46tP7s7kFj2mr0widdJ0O-XyVU0pnHCMtHAt79F4ieF&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Request Chain 349

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmSZvx8pev_w5T0cDI1pHxzyLBl7F9CknHSEqGQg21bgFvqyuLjRwEgQXp51O6uXQxMDDkC5YDqkMkg9gHtSha0p7RMb2bo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSZvx8pev_w5T0cDI1pHxzyLBl7F9CknHSEqGQg21bgFvqyuLjRwEgQXp51O6uXQxMDDkC5YDqkMkg9gHtSha0p7RMb2bo&gdpr=&gdpr_consent=

Request Chain 351

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPy7IsM_Hy6hiRG9bZY4LjE&google_cver=1&google_push=AXcoOmRYt_7nuQ2gzX5PLS2B_CHbz_Xz4xzkhos3aVLoJaoeDv8BcTn7xXwyglpfgakPNP82v90xZXttTbMQc-IFXxLrqhp-mK-B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYt_7nuQ2gzX5PLS2B_CHbz_Xz4xzkhos3aVLoJaoeDv8BcTn7xXwyglpfgakPNP82v90xZXttTbMQc-IFXxLrqhp-mK-B&google_hm=eS1IMFJiNEQ5RTJwRThhMWpSUkxSUElabUIyb3d6bkhseX5B

Request Chain 352

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR0eIGgNb5UE92rc19Jj1b91z3ogHSOX98ukDS4xefqD6h9BDgHY3MYZjXOEdc5m0924nsR9mSs-LiQqbVMH-wnnDQxVupw&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmR0eIGgNb5UE92rc19Jj1b91z3ogHSOX98ukDS4xefqD6h9BDgHY3MYZjXOEdc5m0924nsR9mSs-LiQqbVMH-wnnDQxVupw

Request Chain 353

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmQvojVUwGYnw_sB6LOl-qH6pC0idEZm2oU-Qd8Pqwi7lHK3CJfzzZazyuSEqB4VCzgLVlcqsJ0OOEcnzdIQoJK4A_F0EVM6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQvojVUwGYnw_sB6LOl-qH6pC0idEZm2oU-Qd8Pqwi7lHK3CJfzzZazyuSEqB4VCzgLVlcqsJ0OOEcnzdIQoJK4A_F0EVM6

Request Chain 354

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQEjRafn1y4g50Cy-YZUcJiJOUimgzn27C9266YdIjX7Er968Qf7ma0HSXSUFQoT-fI-YF1Gh2G67zXAxd0HgUcnHwDynla%26google_hm%3D%5BUID%5D&google_gid=CAESEIz9bn3PzC8Q7i7Uz8u2dIs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQEjRafn1y4g50Cy-YZUcJiJOUimgzn27C9266YdIjX7Er968Qf7ma0HSXSUFQoT-fI-YF1Gh2G67zXAxd0HgUcnHwDynla&google_hm=a015c8bf-37cb-49c3-a403-d7f60179eb82

Request Chain 355

https://ads.yieldmo.com/exptsync?google_gid=CAESEFLxQDcnCVlnwQQEeEywfAY&google_cver=1&google_push=AXcoOmS6SaP_yjdb5MLzEb0UpFTZIf1slWDh14XvaikB7d1u17k8WPdEfgkr3_pyyHV6OOUvzCHJJ_TJ20UIgy6Ypv61YnCtonEF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS6SaP_yjdb5MLzEb0UpFTZIf1slWDh14XvaikB7d1u17k8WPdEfgkr3_pyyHV6OOUvzCHJJ_TJ20UIgy6Ypv61YnCtonEF&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Request Chain 356

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma3 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma3&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma3

Request Chain 374

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1

Request Chain 375

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW1hHilwAW4n0FA5a6txPwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1

Request Chain 376

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTJtYUbQRYCWrFEoH7pFcAA3bKJM7h4VT-S0mxFUwTBnxg8gfsivbyVfRSc0p-LE9qEPQlKY12cc1TAmWTLHGaKalG1Omlv&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTJtYUbQRYCWrFEoH7pFcAA3bKJM7h4VT-S0mxFUwTBnxg8gfsivbyVfRSc0p-LE9qEPQlKY12cc1TAmWTLHGaKalG1Omlv

Request Chain 377

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmQkQeu4TH-HyPxylxPHNjGJ38fuaYVq5jwTQLDK4uOwetP9px6mVFJxq0vCLGOIC2ZYL1CvvmD5lKY1Eut64nwgZHeg358 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQkQeu4TH-HyPxylxPHNjGJ38fuaYVq5jwTQLDK4uOwetP9px6mVFJxq0vCLGOIC2ZYL1CvvmD5lKY1Eut64nwgZHeg358

Request Chain 378

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_cver=1&google_push=AXcoOmT9l8_lKo50j_nqoni9BrZSkaaY87kBjUKnJdt-9xIHJer8Ke46r99RHC4KkNrBypAxrXQm5tmCsZq63rcvA6p-OWs0xyw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_push=AXcoOmT9l8_lKo50j_nqoni9BrZSkaaY87kBjUKnJdt-9xIHJer8Ke46r99RHC4KkNrBypAxrXQm5tmCsZq63rcvA6p-OWs0xyw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmT9l8_lKo50j_nqoni9BrZSkaaY87kBjUKnJdt-9xIHJer8Ke46r99RHC4KkNrBypAxrXQm5tmCsZq63rcvA6p-OWs0xyw

Request Chain 379

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmRXXVCORDr_YIn_RgD6KTwjCI3rL4Z0peoEWTeYrPitd8aAR5V9fTeM7TuyfrYLyH5EwUG7_ffoSJnWAzBcRJU6J__aQZo HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXXVCORDr_YIn_RgD6KTwjCI3rL4Z0peoEWTeYrPitd8aAR5V9fTeM7TuyfrYLyH5EwUG7_ffoSJnWAzBcRJU6J__aQZo&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Request Chain 380

https://ads.yieldmo.com/exptsync?google_gid=CAESEFLxQDcnCVlnwQQEeEywfAY&google_cver=1&google_push=AXcoOmR30kP-VzHnIawb4Mwrcr8zYDCmbR3lLTjYdq5WiHBNqlleMBdWj19r4qz8w_VqkFsR6CwE4pH0qEBuTIx-lYMWoIrqv8tT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmR30kP-VzHnIawb4Mwrcr8zYDCmbR3lLTjYdq5WiHBNqlleMBdWj19r4qz8w_VqkFsR6CwE4pH0qEBuTIx-lYMWoIrqv8tT&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Request Chain 381

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPPWFoqYvgqWFUvdh_dUsAg&google_cver=1&google_push=AXcoOmTPaeYTsDzMnOmRMV28gzPyqLaIpPGERIMSH2nkkB2X1usWyYDBWu_50HyG6L4eV-akmJseLbI5XVkFScF3_Yap9M4zboum HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTPaeYTsDzMnOmRMV28gzPyqLaIpPGERIMSH2nkkB2X1usWyYDBWu_50HyG6L4eV-akmJseLbI5XVkFScF3_Yap9M4zboum%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTPaeYTsDzMnOmRMV28gzPyqLaIpPGERIMSH2nkkB2X1usWyYDBWu_50HyG6L4eV-akmJseLbI5XVkFScF3_Yap9M4zboum&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Request Chain 388

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPy7IsM_Hy6hiRG9bZY4LjE&google_cver=1&google_push=AXcoOmSHmFD_mBuuWpI9vFaUF4RoT93l_obNacM03rqw-6hwGpErMXZbUiK8IRe0u2aFOIosYwRi6vfixMYbTyJP1aYvnNa23NCn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHmFD_mBuuWpI9vFaUF4RoT93l_obNacM03rqw-6hwGpErMXZbUiK8IRe0u2aFOIosYwRi6vfixMYbTyJP1aYvnNa23NCn&google_hm=eS1xUFZPelFWRTJwRkNfdWVuZGZSek85MUdpbExrSkU4Sn5B

Request Chain 389

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRoDibNLF54yayqkf8J5S48xqP1vccedVJTn0azilb76X24YPCgadVsKV-G0_MH-qNm0xbpMUfAZvpcTk2UF5vkej3WB4Rx&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmRoDibNLF54yayqkf8J5S48xqP1vccedVJTn0azilb76X24YPCgadVsKV-G0_MH-qNm0xbpMUfAZvpcTk2UF5vkej3WB4Rx

Request Chain 390

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmSsDDTBe-zigXDhHc-UM1p9Ilkeo4EBLVVoXzI9uY-2W9uWKcw_SOtYYP-g_oQ3sEfGDDusc4-2pTUQ6kdCEv-C8prOLYE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmSsDDTBe-zigXDhHc-UM1p9Ilkeo4EBLVVoXzI9uY-2W9uWKcw_SOtYYP-g_oQ3sEfGDDusc4-2pTUQ6kdCEv-C8prOLYE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eJtEHAPUQJ69TWO9vHLbZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSsDDTBe-zigXDhHc-UM1p9Ilkeo4EBLVVoXzI9uY-2W9uWKcw_SOtYYP-g_oQ3sEfGDDusc4-2pTUQ6kdCEv-C8prOLYE

Request Chain 391

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_cver=1&google_push=AXcoOmSsZ05Ryr6Ii57L7SplF4Fgo5l_DEvchlFEmUDb4JA4FdtddwM5ZHoRvJ2Fky1GavZq8p-8-RSQjm2Nj2fdX6SM87LcP5w HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_push=AXcoOmSsZ05Ryr6Ii57L7SplF4Fgo5l_DEvchlFEmUDb4JA4FdtddwM5ZHoRvJ2Fky1GavZq8p-8-RSQjm2Nj2fdX6SM87LcP5w&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmSsZ05Ryr6Ii57L7SplF4Fgo5l_DEvchlFEmUDb4JA4FdtddwM5ZHoRvJ2Fky1GavZq8p-8-RSQjm2Nj2fdX6SM87LcP5w

Request Chain 392

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmTbECrFUqY-HHMKgSjbj1yqD3nF4TtVziYAyhwvEV7kZ8i-k3WPJDENp7RIcDnZ9DeQyWeCW9oPVRGHhJmptTR562qHkgAZ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTbECrFUqY-HHMKgSjbj1yqD3nF4TtVziYAyhwvEV7kZ8i-k3WPJDENp7RIcDnZ9DeQyWeCW9oPVRGHhJmptTR562qHkgAZ&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Request Chain 393

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPPWFoqYvgqWFUvdh_dUsAg&google_cver=1&google_push=AXcoOmQixfyIQEt0XyS1vZlm1XMCIpiQlxOPd04k0G7ptKqD4SKEq4tLEVjOzSwOrKTc3eMm3X_3QxV2X0B8oLRLzvj0dnfuncc HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQixfyIQEt0XyS1vZlm1XMCIpiQlxOPd04k0G7ptKqD4SKEq4tLEVjOzSwOrKTc3eMm3X_3QxV2X0B8oLRLzvj0dnfuncc%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQixfyIQEt0XyS1vZlm1XMCIpiQlxOPd04k0G7ptKqD4SKEq4tLEVjOzSwOrKTc3eMm3X_3QxV2X0B8oLRLzvj0dnfuncc&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Request Chain 441

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOTM0jG7fKuy7iCCfWa_WOc&google_cver=1&google_push=AXcoOmSV45bHpnLsrO62fPdb1_-P2YtMkucCrL9Docm3jRqj7vDhwjVgBbm_BapvVxdoGyOsCLsrbmc3WjRVrzA1y5bkbTYXtyOq HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSV45bHpnLsrO62fPdb1_-P2YtMkucCrL9Docm3jRqj7vDhwjVgBbm_BapvVxdoGyOsCLsrbmc3WjRVrzA1y5bkbTYXtyOq&google_hm=zYnYEWuxekNHBHanWAJtPA

Request Chain 442

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPSLyiSo3UTTIZeyBFO46W8&google_cver=1&google_push=AXcoOmTzXcHYXHXdH4pnRMctoq3V-VYLKX2XPdaUqJUfJQlLmiII4Ir03PZ-ZTKzU9-b2ldEllqRrDBvGjiwlhTAbpdF4ZeZiOk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---

Request Chain 443

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPy7IsM_Hy6hiRG9bZY4LjE&google_cver=1&google_push=AXcoOmTgBerW0FVKHFkVdS6YlXACEQ_RfQctW0xQDThO6yKUXRgXWLqAcXVNBms8gENl5HKLA9NPubu8eNuGgSvgzGsL6sm0Fopo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgBerW0FVKHFkVdS6YlXACEQ_RfQctW0xQDThO6yKUXRgXWLqAcXVNBms8gENl5HKLA9NPubu8eNuGgSvgzGsL6sm0Fopo&google_hm=eS1XTTRWUHlsRTJwRThOZ0Y4OEZia0hyRGp4Z2RUUVNqRn5B

Request Chain 444

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmTI7xgJHhEEudKE0e1jkCrOOwIFtv1IgC5Bp7K9YzHntXwfYhd9m0pHAVig3U9S_in2ZrWbNRcfGGwAGM6VosYR0YdHmgCC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmTI7xgJHhEEudKE0e1jkCrOOwIFtv1IgC5Bp7K9YzHntXwfYhd9m0pHAVig3U9S_in2ZrWbNRcfGGwAGM6VosYR0YdHmgCC

Request Chain 445

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRLfVi6m4A9N2hAcMslHt-HEJ0mh0g2ykoszgFgCg1TeQm--ES8dCEMyWyWnxQPdy1daAfjif36BpiDhvQB7krUK7ful6_F%26google_hm%3D%5BUID%5D&google_gid=CAESEIz9bn3PzC8Q7i7Uz8u2dIs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRLfVi6m4A9N2hAcMslHt-HEJ0mh0g2ykoszgFgCg1TeQm--ES8dCEMyWyWnxQPdy1daAfjif36BpiDhvQB7krUK7ful6_F&google_hm=049af203-f025-4503-8684-9d3bc561f2a7

Request Chain 446

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmQROFzP9FFPMYHxGRe5EWuBCCDqF6UEPiR-1rkUApiNnU9FfcT77JGtH48z4QAKYaoyiGQfoPlPnzcrh0eY76PkNL_vUq8P HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQROFzP9FFPMYHxGRe5EWuBCCDqF6UEPiR-1rkUApiNnU9FfcT77JGtH48z4QAKYaoyiGQfoPlPnzcrh0eY76PkNL_vUq8P&gdpr=&gdpr_consent=

Request Chain 449

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQjgAVOiD216Kj73NAwyzZkG-HSE-j2Trx4lDxvISnhabkHP7VRjMZbKHo4tEJQvbBW_u_TLys6a9cjVWNz9M-5rZQwhQBM&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQjgAVOiD216Kj73NAwyzZkG-HSE-j2Trx4lDxvISnhabkHP7VRjMZbKHo4tEJQvbBW_u_TLys6a9cjVWNz9M-5rZQwhQBM

Request Chain 450

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmSHBeBvO-hFDDBwAtEZSomIXoyA0b2sNv-FMLRtP1FvHZbLKcMpU29u6TDn9KELjIqowdoEoznpLQ9tl9F8SpCONLscbJY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmSHBeBvO-hFDDBwAtEZSomIXoyA0b2sNv-FMLRtP1FvHZbLKcMpU29u6TDn9KELjIqowdoEoznpLQ9tl9F8SpCONLscbJY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SkiwxL5_Qq-WRtTHezEW5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSHBeBvO-hFDDBwAtEZSomIXoyA0b2sNv-FMLRtP1FvHZbLKcMpU29u6TDn9KELjIqowdoEoznpLQ9tl9F8SpCONLscbJY

Request Chain 451

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSgjOpVHADHfBfL15YxY2CJ8v0-nEelMG2aCDTrOC9de61fGuzBQ0Ehip8v4p2iuji3jLzzCmqQFKBkEp3TN5O0lNHtlz8b%26google_hm%3D%5BUID%5D&google_gid=CAESEIz9bn3PzC8Q7i7Uz8u2dIs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSgjOpVHADHfBfL15YxY2CJ8v0-nEelMG2aCDTrOC9de61fGuzBQ0Ehip8v4p2iuji3jLzzCmqQFKBkEp3TN5O0lNHtlz8b&google_hm=6ead9bc2-b20f-4618-88de-8bf06b0d0e38

Request Chain 452

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPPWFoqYvgqWFUvdh_dUsAg&google_cver=1&google_push=AXcoOmQ5WxZ7dSYOZhTB3LAo1MN8d0ePo7HfRD6y-VqKn3YbT5GGMTnpjzvC71-RBrHu7w40zPHbBFMa8CoPR4pd0HqEWkbd_Fs HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ5WxZ7dSYOZhTB3LAo1MN8d0ePo7HfRD6y-VqKn3YbT5GGMTnpjzvC71-RBrHu7w40zPHbBFMa8CoPR4pd0HqEWkbd_Fs%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ5WxZ7dSYOZhTB3LAo1MN8d0ePo7HfRD6y-VqKn3YbT5GGMTnpjzvC71-RBrHu7w40zPHbBFMa8CoPR4pd0HqEWkbd_Fs&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Request Chain 453

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmTYjg8SFeaKtPGQyaZbNFIcTunb05H04BccAsfUbwMuOEBtSS1pJiaGtOsmfj-YIieQAbwKLlbuzdSdSqAOq5R_WyOOj3c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTYjg8SFeaKtPGQyaZbNFIcTunb05H04BccAsfUbwMuOEBtSS1pJiaGtOsmfj-YIieQAbwKLlbuzdSdSqAOq5R_WyOOj3c&gdpr=&gdpr_consent=

Request Chain 455

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMyAJUacWQKSj1DA41FBvYc&google_cver=1&google_push=AXcoOmRE1Qc4pY9W7ea4EijbYHsVOX09-A3ZcpZUVyruPJm3juINLBDAdJ98l6yMJ8rCZNJH3MaJG2HErJm0SHiq4GqQemzqtTRwbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRE1Qc4pY9W7ea4EijbYHsVOX09-A3ZcpZUVyruPJm3juINLBDAdJ98l6yMJ8rCZNJH3MaJG2HErJm0SHiq4GqQemzqtTRwbw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 466

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=da8f6dc4ce93b6137a09 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=da8f6dc4ce93b6137a09

Request Chain 467

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTzs_9CsTsBPY0Oc9lKe1JPSkeJdgiAWbf6XRT8ZNow5EpWGO4xXuwnrZqnyGvFP8wwomzw6f2jejQsUu-q0e_i7rzFg5g94Q&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTzs_9CsTsBPY0Oc9lKe1JPSkeJdgiAWbf6XRT8ZNow5EpWGO4xXuwnrZqnyGvFP8wwomzw6f2jejQsUu-q0e_i7rzFg5g94Q

Request Chain 468

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmSE2yCMtdMm37PLVpbWDWbYgfze-wk1Sj9q_5JdUC87eiOnUg03e3nJ-MZwR7zR_WLREES7v0zp_X6WbHUdSh9UwzXWv8UtgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSE2yCMtdMm37PLVpbWDWbYgfze-wk1Sj9q_5JdUC87eiOnUg03e3nJ-MZwR7zR_WLREES7v0zp_X6WbHUdSh9UwzXWv8UtgA

Request Chain 469

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmSiy1pgYQU9T87bDVEq2hchR_3_8Ekx0Y2v8HnKvDhu8gM6CpFO2q7_A--SuQ42K38O1EOM57CStgETpyeOys4shEZWFY57dg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmSiy1pgYQU9T87bDVEq2hchR_3_8Ekx0Y2v8HnKvDhu8gM6CpFO2q7_A--SuQ42K38O1EOM57CStgETpyeOys4shEZWFY57dg

Request Chain 470

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTeKPKfAS1m9_yZX6kcONlH0WfI86YWKWJlKH0_OFWgkSAJELMVyNYg50M1QP9hkxl5wIqw7HEsUrc9KVc1iq4H4lfQNEBysA%26google_hm%3D%5BUID%5D&google_gid=CAESEIz9bn3PzC8Q7i7Uz8u2dIs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTeKPKfAS1m9_yZX6kcONlH0WfI86YWKWJlKH0_OFWgkSAJELMVyNYg50M1QP9hkxl5wIqw7HEsUrc9KVc1iq4H4lfQNEBysA&google_hm=98ff2875-c623-4052-aa65-d7afb302353b

Request Chain 471

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmSX1ujikAF1i5FuIRQ7Jil4BguKRjZtcpxxR-b0uM4EVjvyqb75XEQd67H8SEFKf5Wf2_Y618xyFZpqCq7NJEp9cTM7sd_U HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSX1ujikAF1i5FuIRQ7Jil4BguKRjZtcpxxR-b0uM4EVjvyqb75XEQd67H8SEFKf5Wf2_Y618xyFZpqCq7NJEp9cTM7sd_U&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Request Chain 472

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmS15t0I2U_Sr-hJ4qCOqUqfh_k1FTtKLFJZnbQagOGlP7NONPseCCKCjOlvcL8La9EC2a-AH7p-cSMdftwgg99QjzSgWSYRNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmS15t0I2U_Sr-hJ4qCOqUqfh_k1FTtKLFJZnbQagOGlP7NONPseCCKCjOlvcL8La9EC2a-AH7p-cSMdftwgg99QjzSgWSYRNg

Request Chain 496

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTD6VRrlNhf6hYXVPujGbVRPVP9ifwvo2X0Ii-d_O-KCw9HTmpJyvUvWTV-bUAWmgw0T8lV-QrRNgmtebd-u9JY6tMhmfqbrw&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTD6VRrlNhf6hYXVPujGbVRPVP9ifwvo2X0Ii-d_O-KCw9HTmpJyvUvWTV-bUAWmgw0T8lV-QrRNgmtebd-u9JY6tMhmfqbrw

Request Chain 497

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGcKHQ_VBwZB0OcYTXGSX-M&google_cver=1&google_push=AXcoOmQq5W8T8MVhaRIUZTHfNHN5sMch5v3IPCvhN8B5uWwSwdWbz_m73YOkbhaZExMEZjvawoDAWBgQQxbMKEoGomLOKIPh-fDX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQq5W8T8MVhaRIUZTHfNHN5sMch5v3IPCvhN8B5uWwSwdWbz_m73YOkbhaZExMEZjvawoDAWBgQQxbMKEoGomLOKIPh-fDX

Request Chain 498

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmQfc_SDDzvKlQtlAiqEO-kicdVuRLtxWcjf76pak1u9pERVS1ZCMBhMIZeR9AE0xhF35SSgYCuqq1FcL1jQpttzwq7UP-hP HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQfc_SDDzvKlQtlAiqEO-kicdVuRLtxWcjf76pak1u9pERVS1ZCMBhMIZeR9AE0xhF35SSgYCuqq1FcL1jQpttzwq7UP-hP&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Request Chain 499

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPPWFoqYvgqWFUvdh_dUsAg&google_cver=1&google_push=AXcoOmRt0koS32bXnrUqE4yyQEb8eIFhgFBZtkc72q03V89StltfNlzOCimZm6L7uijNSkelVgk2tbpAu01fGNLyuKzyVTeo9HRASA HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRt0koS32bXnrUqE4yyQEb8eIFhgFBZtkc72q03V89StltfNlzOCimZm6L7uijNSkelVgk2tbpAu01fGNLyuKzyVTeo9HRASA%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRt0koS32bXnrUqE4yyQEb8eIFhgFBZtkc72q03V89StltfNlzOCimZm6L7uijNSkelVgk2tbpAu01fGNLyuKzyVTeo9HRASA&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Request Chain 500

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmRdgzJ4kyvxYSYWoy0rlx6bRBvSqm7NfVBQyrigjHtxjnXLItcsWp1BQ7r42ovxrlIdvKTXc_V3jEw1CLwj_fxEN6iV4fHRXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmRdgzJ4kyvxYSYWoy0rlx6bRBvSqm7NfVBQyrigjHtxjnXLItcsWp1BQ7r42ovxrlIdvKTXc_V3jEw1CLwj_fxEN6iV4fHRXA

Request Chain 502

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMyAJUacWQKSj1DA41FBvYc&google_cver=1&google_push=AXcoOmSkrZfEZeyjMR6MgVr_gC9Bdlm1OvvG2oomtWsOJov-W6oTqD-8ym1yNYHNQoVJlhsYAjiGlJ4yX9i_CIfuzNwlo_1dAykAYoU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkrZfEZeyjMR6MgVr_gC9Bdlm1OvvG2oomtWsOJov-W6oTqD-8ym1yNYHNQoVJlhsYAjiGlJ4yX9i_CIfuzNwlo_1dAykAYoU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 609

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPSLyiSo3UTTIZeyBFO46W8&google_cver=1&google_push=AXcoOmTvrs7P6dCA6UOpl1FsITrXUWDJMza1aZprBkeOKo9D4PTC_4wZGGQC1t7SLZ7tgNZDP_IwDu2sFaG6PR30aH57A0urnh38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---

Request Chain 610

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQIF-TCU68NfvFYgQr1IQo6cixkBRRth5zqLylQTMRAg4zz7_ssNdbNKtOnMVHQbfLeyLgu9tCZT9C16ioGgxliW8FoWl_y&google_gid=CAESEBvYDAmsk4Yi-9l2p2ZorZU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQIF-TCU68NfvFYgQr1IQo6cixkBRRth5zqLylQTMRAg4zz7_ssNdbNKtOnMVHQbfLeyLgu9tCZT9C16ioGgxliW8FoWl_y

Request Chain 611

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPPWFoqYvgqWFUvdh_dUsAg&google_cver=1&google_push=AXcoOmSWSrzbb9pvUY8F51hctXZLt78vdA7M1EpwQjWSW7sN36XOauARNyVimRghFcoV4LrhfKy6IbxswCKyV9YsWOSd5AN_YSLg HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSWSrzbb9pvUY8F51hctXZLt78vdA7M1EpwQjWSW7sN36XOauARNyVimRghFcoV4LrhfKy6IbxswCKyV9YsWOSd5AN_YSLg%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSWSrzbb9pvUY8F51hctXZLt78vdA7M1EpwQjWSW7sN36XOauARNyVimRghFcoV4LrhfKy6IbxswCKyV9YsWOSd5AN_YSLg&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Request Chain 612

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmR0HwNmw0OlfTSN4iSoLPB1TDb-E6z6ka-uJbQnN8j8s6KOxrl6qHL03trjcGYYNi0VYbdPVajdkij5Wa5eNJta2OwN2fZp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmR0HwNmw0OlfTSN4iSoLPB1TDb-E6z6ka-uJbQnN8j8s6KOxrl6qHL03trjcGYYNi0VYbdPVajdkij5Wa5eNJta2OwN2fZp

Request Chain 613

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmR4oQaCRvFH_g2Tp0kCKR6Fov0uwXi_7n7io4pplapSgDga5IQTe91boWoAnEFBwCldJYu1FfCWEjSzpQ9rVKxTKzFkaME HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR4oQaCRvFH_g2Tp0kCKR6Fov0uwXi_7n7io4pplapSgDga5IQTe91boWoAnEFBwCldJYu1FfCWEjSzpQ9rVKxTKzFkaME&gdpr=&gdpr_consent=

Request Chain 627

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A58A9C44F6F54F0D80E9B6C865148925&RedC=c.clarity.ms&MXFR=0DA29F0338176F2022B58CDE3C176157 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A58A9C44F6F54F0D80E9B6C865148925&MUID=1717007350EE68083C9D13AE519E696E

Request Chain 665

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELCA86TvsbTzebKvpeKifPg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELCA86TvsbTzebKvpeKifPg%26google_cver%3D1

Request Chain 666

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4OTY3ODMyODM1OTY5MDY0Ng%3D%3D

Request Chain 667

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1

Request Chain 668

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZhNDdhMWItZWYyYy02ZTdkLTQ5ZmItZDQ3MThiOGI3ZjQ0

Request Chain 678

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEvQUDhau8Mydamp3GtaKpk&google_cver=1&google_push=AXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEvQUDhau8Mydamp3GtaKpk&google_cver=1&google_push=AXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 679

https://um.simpli.fi/gp_match?google_gid=CAESEHqMY17Q_vkFpMlQPI9fsY8&google_cver=1&google_push=AXcoOmTe7ZrIgYXWcT2dYebPyFt45qgkKTPPA6UhkarvcVLD1QIsXrsXnMNvlgbDe2yXLoo28iyT_Mmy5f-mj3VPCpD9zlUAWyfL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=089D1C70497E400383B46583992CA401&google_push=AXcoOmTe7ZrIgYXWcT2dYebPyFt45qgkKTPPA6UhkarvcVLD1QIsXrsXnMNvlgbDe2yXLoo28iyT_Mmy5f-mj3VPCpD9zlUAWyfL

Request Chain 680

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPQCakhEbuen7Lxi2BzcSvc&google_cver=1&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPQCakhEbuen7Lxi2BzcSvc&google_cver=1&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS&google_hm=yLXZlC4WQbW0evujkqwSyg==

Request Chain 681

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENcrmxN9m1cBhXTspR_8w_g&google_cver=1&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZaZHAbX7OICVbgiX HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENcrmxN9m1cBhXTspR_8w_g&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZaZHAbX7OICVbgiX&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZaZHAbX7OICVbgiX&google_hm=WnFVY3dYUWxNaUZaaTVIbXdiT2o=

Request Chain 682

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmTWzIvyrkzTX-P2socuhOg-i16lnZGJt2QbKOKcVI5-GVE89La05GLmgSznWiaib8BrNWejfOqARQM2pyohnlrYtVCXlZI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmTWzIvyrkzTX-P2socuhOg-i16lnZGJt2QbKOKcVI5-GVE89La05GLmgSznWiaib8BrNWejfOqARQM2pyohnlrYtVCXlZI

Request Chain 684

https://trace.mediago.io/cs/google?google_gid=CAESEAVciTWbO-9WshIfcKiJNSU&google_cver=1&google_push=AXcoOmQjFrtswxth8stzP2VeWDWmuKV4oouIPQBv7tEYkwTkcpmDFYVLn-c5HjCM_B9aBVA_X7XTHN7UjwX-ZObP20yKxpfd2HdvFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQjFrtswxth8stzP2VeWDWmuKV4oouIPQBv7tEYkwTkcpmDFYVLn-c5HjCM_B9aBVA_X7XTHN7UjwX-ZObP20yKxpfd2HdvFg&google_hm=f34e9699f8542d811qowb700lpqgnq07

695 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
folkd.com/
Redirect Chain

https://www.folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.xyz/premium303&ved=2ahUKEwiOi_TirNyCAxV0wzgGHePeCgoQFnoECA0QAQ&usg=AOvVaw1RYWQXIW4DElKV3FpD7SuP/
https://folkd.com/submit/www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=dewa19kita.xyz/premium303&ved=2ahUKEwiOi_TirNyCAxV0wzgGHePeCgoQFnoECA0QAQ&usg=AOvVaw1RYWQXIW4DElKV3FpD7SuP/
https://folkd.com/

17 KB
8 KB

398ms
398ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

e0b4fb437dcaadf2cdefdf6683164b9e0806690d38039e60ca24931d20a5274b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 83019683a81d7751-AMS
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Mon, 04 Dec 2023 05:18:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Qjfh8apdSjrJFgzgKNPHhe4MPi9AZBgSZ2VmkHc8QKwpvpGV8eHNTxaK0bUU4Vh2v0u3gHbhp602M21j7vCM5spbcjF8X3JRmwTvXd7w3MKuU7oUNtkxWiPycFIye%2Bnl61J0D2zceHqKEqaViAvGo7G9AchPR8620M9ladCaGH26JluzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.12 unit-seconds used
x-bubble-perf: {"total":109.2,"percents":{"top":{"bubble_cpu":47.8,"block":51.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":67.7,"appserver_cache_misses_time":0,"redis":51.1,"fiber_queue":1.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":5,"derived_cache_memory_misses":5,"serverjson":107,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":52,"fiber_queue":53,"blocks":52},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":7829217}}
x-coalias-cache: MISS
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-vercel-id: fra1::m72j4-1701667098154-5fa2452ce949

Redirect headers

cache-control: no-store
cf-ray: 8301968289619956-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Mon, 04 Dec 2023 05:18:18 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1KijxPWuwa79SlCvMYJ3nfShlitLtcYPKEBXVKPaJ%2BPjIB2LkyNMZqZFD7%2FYGhkaIKRrDY2OfNc8njabfIVysl8g0wmKlhg7Mq5HqyphBHWcuesdOnhWy3szr4OPQRdJe4YPikeEvROsKo50bEp%2BK8o2z3bEZ1ygN2TowhlBxxQrbn3uA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-vercel-id: fra1::m72j4-1701667097982-7fe08c3a3c21

GET
H2 200 coalias_meta.js Show response
folkd.com/ 2 KB
1 KB 40ms
39ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_meta.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::w5pxt-1701667098557-27710c8ebf4b
age: 222732
etag: W/"162388d1b605b8c339e98419fcdfbb9d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_meta.v1.min.js"

GET
H2 200 coalias_page_logic.js Show response
folkd.com/ 1 KB
812 B 35ms
35ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_page_logic.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::9jzvj-1701667098557-f39f73cf18dc
age: 201072
etag: W/"c01471c249877474d63c6beba5d7cb51"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_page_logic.v1.min.js"

GET
H2 200 coalias_static_rewrite.js Show response
folkd.com/ 616 B
774 B 39ms
38ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_static_rewrite.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::p9gcz-1701667098557-2378a852ace0
age: 203582
etag: "142bd05e9b948e2640c9647c7734ee4b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_static_rewrite.v1.min.js"
accept-ranges: bytes
content-length: 616

GET
H2 200 early.js Show response
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 107ms
40ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":5.3,"percents":{"top":{"bubble_cpu":34.9,"block":44.2,"capacity_rl":0,"other_pause":0,"pre_fiber":8.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":42.9,"fiber_queue":3.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":279671}}
server: cloudflare
age: 517496
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.004 unit-seconds used
timing-allow-origin: *
cf-ray: 8301968669f201fc-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
folkd0612.bubbleapps.io/package/run_css/611fef4418f1b196669f342121308fe7dc5187dd625ea61f05492b0d9fdc614f/folkd0612/live/index/xfalse/xfalse/ 528 KB
37 KB 93ms
41ms Stylesheet
text/css 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_css/611fef4418f1b196669f342121308fe7dc5187dd625ea61f05492b0d9fdc614f/folkd0612/live/index/xfalse/xfalse/run.css
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 326b1b6d000e21f049d96bc3516ca8fcb72476ec5697e401b8b90054dbbb9d24

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":27,"percents":{"top":{"bubble_cpu":50.7,"block":47.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":39.7,"appserver_cache_misses_time":0,"redis":47.3,"fiber_queue":3.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":13,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2052323}}
age: 111164
cf-polished: origSize=669521
x-powered-by: Express
x-bubble-capacity-used: 0.032 unit-seconds used
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 830196865af524c6-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 pre_run_jquery.js Show response
folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 89ms
38ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":7,"percents":{"top":{"bubble_cpu":24.5,"block":63.2,"capacity_rl":0,"other_pause":0,"pre_fiber":5.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":62.3,"fiber_queue":2.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":258362}}
server: cloudflare
age: 517495
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.004 unit-seconds used
timing-allow-origin: *
cf-ray: 8301968659ee01fc-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.js Show response
folkd0612.bubbleapps.io/package/run_js/20edeea8ffab3350a00f3a4ab4ba3b1b3af378feddf8b8a7b91802654f6d9004/xtrue/x21/ 4 MB
812 KB 132ms
81ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_js/20edeea8ffab3350a00f3a4ab4ba3b1b3af378feddf8b8a7b91802654f6d9004/xtrue/x21/run.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6444389dac37e9dfb38c666dda6a7ec826033c3de18723ad9ee690dc6d446c95

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":13.2,"percents":{"top":{"bubble_cpu":15.5,"block":32.9,"capacity_rl":0,"other_pause":0,"pre_fiber":41.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.6,"fiber_queue":39.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":305838}}
server: cloudflare
age: 130157
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.005 unit-seconds used
timing-allow-origin: *
cf-ray: 8301968659ea01fc-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
folkd0612.bubbleapps.io/package/static_js/c037552b79cbc4d703309d72b10238440ff66e8c3251b294a82970471fd2d441/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/ 997 KB
108 KB 113ms
62ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/static_js/c037552b79cbc4d703309d72b10238440ff66e8c3251b294a82970471fd2d441/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9c13cc428e876371e3b18e93626afff136c05dbcf4c1b1fd40acaf6a9302ceca

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":76.9,"percents":{"top":{"bubble_cpu":45.3,"block":54.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":131.5,"appserver_cache_misses_time":0,"redis":69.4,"fiber_queue":1.9,"capacity_wait":2.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":57,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":44,"fiber_queue":32,"blocks":31},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":5229442}}
server: cloudflare
age: 130157
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.08 unit-seconds used
timing-allow-origin: *
cf-ray: 8301968659f001fc-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
folkd0612.bubbleapps.io/package/dynamic_js/f048da592645d6df35c5798595d7b8c53550767eb50bcefed34c1e85ee1bc091/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/ 1 MB
162 KB 94ms
43ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/dynamic_js/f048da592645d6df35c5798595d7b8c53550767eb50bcefed34c1e85ee1bc091/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 62b00c910812c1e8aadf49e6671ff7dd6865e0cd0ee43e214d6d30628f9b3643

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":12.2,"percents":{"top":{"bubble_cpu":60.5,"block":32.9,"capacity_rl":0,"other_pause":0,"pre_fiber":3.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":28.3,"appserver_cache_misses_time":0,"redis":28.5,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1104975}}
server: cloudflare
age: 351599
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.017 unit-seconds used
timing-allow-origin: *
cf-ray: 8301968659f101fc-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 iziToast.min.js Show response
cdn.jsdelivr.net/npm/izitoast@1.4/dist/js/ 18 KB
5 KB 84ms
36ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/izitoast@1.4/dist/js/iziToast.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22756
x-jsd-version: 1.4.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230054-FRA, cache-mxp6932-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"4836-xv1TsKSrwrc/VQJeyyjS62Xbk9Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qT43%2B3ItQjDN2CADF2Jk%2BRV7casryyFKy1GnyAMKhU1FQBMMMvlHicNi2kNjoaQrYkgDfotdBTyyqx6n4MSG7YE3voRHcYAq%2BYyJ9BKAOW%2FxJUjpAYO6k5Jlu3245SOcu5JQ26Yz4Yw1mqYbEqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 830196865cc5021d-ZRH

GET
H2 200 iziToast.min.css
cdn.jsdelivr.net/npm/izitoast@1.4/dist/css/ 41 KB
11 KB 81ms
32ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/izitoast@1.4/dist/css/iziToast.min.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22756
x-jsd-version: 1.4.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230076-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a221-0sbNVM+KbAQMKIRLMGVDt27quLg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F4aV9rs3tmIRU4aZB8Qa8w4CeWK3wv0jPxB%2FG11rbFrfQ2AiWO5JJo6h28%2FM0LG7PdDBbnygb2GEGNKQhe18rNDm1rs%2FgsVy4YSxg%2FgbYV9BR9bFjLsOYOIn%2BDKV4CPkAk9qdN%2FqqIy%2F1cUedU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 830196865cc2021d-ZRH

GET
H2 200 openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/ 2 KB
983 B 82ms
34ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22756
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230025-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBlR%2BKwdhMiR2NEWh2ZdlW%2BNXmaLTNs7H%2FKFSq6qG4kgrN3AOXV0Md3GogDcK5B4ki4oaHB5Ojg6%2FwbvMO7dcusmeYXEe9kKWBehGFt%2FijYnc0xJCKzAMH54so6Lj0vxRG7qYf6cfeeT%2BR9bdOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 830196865cbd021d-ZRH

GET
H2 200 xano.min.js Show response
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/ 32 KB
10 KB 82ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37095
x-jsd-version: 1.0.21
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220060-FRA, cache-mxp6930-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab1bS7bkwH%2BcswA2dKjWsTHsAuyObIOo9UMhnFEKo6ddbEvL3bq9gwCiWpkzMEr1g0SwpqLI5D8UjMGdW73CrNIDjchtz9nrxBbrr0ydhBlGN23r3sLx1N5KFn6oTISzwTGiKYz0ZKGibi4qtnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 830196865cc4021d-ZRH

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/site/5/d/ 56 KB
15 KB 239ms
145ms Script
application/javascript 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 21232df38efb78483333d5526954f4605c3865a0469641b3a3783968046ffc95

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPpioPCo-dQ8fg4XptgkuCgamcydetKT0WdhqAFg9f1l1velWY9S53_FzatIba_yUAxpGYbfOiF48A
transfer-encoding: chunked
x-cache: EXPIRED
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1701496594261071
content-type: application/javascript
x-goog-hash: crc32c=u65XFg==, md5=pfiQZzBlOsbvawqcLtoBDw==
cache-control: max-age=7200
x-goog-stored-content-length: 56526
expires: Mon, 04 Dec 2023 07:18:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 175ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

061d8e7c1bd3457c8e9f9bb5aca28a698d051c45b1b77c222da3b2633fc86960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 05:18:19 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 560 KB
138 KB 104ms
39ms Script
text/javascript 18.154.63.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-108.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eb5036bad8662eb3aeca1984456f9d3bbc3ad934ef96c6e46f64a86fbae1d5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: br
via: 1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 14
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 21:48:22 GMT
server: Cloudfront
etag: W/"cd52d1197822ef515efcd0a52a691074"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: HXv50-ztP5ARFmJlxt2n6uZq7ciiM7UxeZ9lm4ZhsaXVkr76CE2btA==

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 106ms
38ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5cb5cbadcbbfb5560f7a66eb69a0bc2aabab171bfc75512f5b4cbebd0880a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 05:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 05:18:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 05:18:18 GMT

GET
H2 200 data Show response
folkd.com/api/1.1/init/ 706 B
2 KB 322ms
321ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

daeb8c9cdee78aff968d4ae04c5200b1055a9f0be7037dcbf9ed18a2569ad804

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://folkd.com/
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAxNjY3MDk4fQ.bBgKhJs43WfSO6fHpwUq5bx2VjD9hKDq2ZKuy6zvqbU
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:18 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":25.9,"percents":{"top":{"bubble_cpu":26,"block":63.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":7.7,"pp_wait_userdb":0,"http_request":0,"serverjson":4.3,"appserver_cache_misses_time":0,"redis":35.6,"fiber_queue":3.7,"capacity_wait":15.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6009267}}
x-vercel-id: fra1::dw565-1701667098669-63214dc2d76a
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcIS%2FNu%2FK3qCrPOi1bKgfk9q%2BCro0OBHmsOQFGElDFLdo66yzn2IVTtEkQojo6p28nYjzVtvseOoxq6Lb1PpvVNCZ0sYETg04erlGnXmXbQPQM5ogpa51QotrRbncttB7PXVmox4QnVP9FO1muIICg%2FZPVLHAQCb%2F2om9aSjBkBAGuCwnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.092 unit-seconds used
cf-ray: 83019686cfd89a1d-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 94ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:57:07 GMT
x-content-type-options: nosniff
age: 26471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:57:07 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 161ms
96ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:22 GMT
x-content-type-options: nosniff
age: 218996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:22 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 152ms
88ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:23:28 GMT
x-content-type-options: nosniff
age: 388490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:23:28 GMT

GET
H2 200 o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
fonts.gstatic.com/s/notosans/v35/ 13 KB
13 KB 171ms
107ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v35/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae90c0029bb3718a5b2ba8022e9f669f08fbed6fbd4c5fb5e101e3ce108c9d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:32:17 GMT
x-content-type-options: nosniff
age: 377161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13384
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:32:17 GMT

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 135ms
71ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:17:12 GMT
x-content-type-options: nosniff
age: 280866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26244
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:17:12 GMT

GET
H2 200 L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 27 KB
27 KB 119ms
55ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:57:04 GMT
x-content-type-options: nosniff
age: 220874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27824
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 15:57:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 104ms
39ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/f048da592645d6df35c5798595d7b8c53550767eb50bcefed34c1e85ee1bc091/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Dec 2023 05:18:19 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/ 50 KB
16 KB 80ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 440450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15241
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c9b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw%2FZqjWOB3gIZV9FCdQsPaHhhZmdV%2BjlvTP0xQOegrhte6bis%2BnjlNmWJmIal3KD7mvrJlSGQLUJ2xA7Y0TLz%2BhfEI9it4G%2Fx3Eos8v3adnkUn8cYupnY9Qhws7QpTYy08ydEQ%2F945NW2JIxh%2ByzwFr9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830196893d0e01e7-ZRH
expires: Sat, 23 Nov 2024 05:18:19 GMT

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 124ms
42ms Script
application/javascript 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ABPtcPo5W2-GT_qXIKdmei-SLkHDTBJX4rQQas50C63XmvFv1nQ3wtFIGEGZVwq7FJGIE_PqdOE
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-generation: 1598340963244234
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
expires: Thu, 28 Nov 2024 05:18:19 GMT

GET
H2 200 hysaayfb9e Show response
www.clarity.ms/tag/ 650 B
1011 B 209ms
127ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hysaayfb9e
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2333469322b3e46a20588aa539392248479d55c62f775410a83d9c0e985abcdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date: Mon, 04 Dec 2023 05:18:18 GMT
x-azure-ref: 0G2FtZQAAAADKZJKrmpcMRaJbheTZPV7TWlJIRURHRTA2MTUANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/sitesplit/d3/smartzones/other/YAF-145-selectmedia/5/d/ 570 KB
162 KB 245ms
163ms Script
application/javascript 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/sitesplit/d3/smartzones/other/YAF-145-selectmedia/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 9a8651f04e233856dc69a9deb366e6207a4aadd258a2d2ff29d5ca3b76b5f5a9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrVUJ2VVQpZWrql-KbetGCjZh8lmbjkeprv8Ymf1lUkF4Fi18prGgsafVaHN7AQf-jNEG-WJ59bFA
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1701582819925115
content-type: application/javascript
x-goog-hash: crc32c=XI0FGw==, md5=i18YCsrdI0mxybn2VMqsIg==
cache-control: max-age=7200
x-goog-stored-content-length: 583644
expires: Mon, 04 Dec 2023 07:18:19 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 1EE4 200 B
1 KB 33ms
33ms Document
text/html 18.154.63.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-108.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1298
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 04:56:50 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 03 Nov 2023 20:07:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id: Vj8i50gbE_6mWng1XPAtk7L2xC53we5vr_GMzVWUoYMA9a6ALtZC1A==
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame 0
0 517ms
183ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Fri, 06 Dec 2013 05:18:19 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

OPTIONS
H2 200 suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 497ms
168ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Fri, 06 Dec 2013 05:18:19 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/ 75 KB
76 KB 37ms
37ms Font
font/woff2 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/611fef4418f1b196669f342121308fe7dc5187dd625ea61f05492b0d9fdc614f/folkd0612/live/index/xfalse/xfalse/run.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd0612.bubbleapps.io/package/run_css/611fef4418f1b196669f342121308fe7dc5187dd625ea61f05492b0d9fdc614f/folkd0612/live/index/xfalse/xfalse/run.css
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-bubble-perf: {"total":25.7,"percents":{"top":{"bubble_cpu":9.1,"block":87.3,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":72.1,"fiber_queue":1.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":349532}}
age: 345371
x-powered-by: Express
x-bubble-capacity-used: 0.005 unit-seconds used
content-length: 77160
server: cloudflare
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83019689bf7e01fc-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 2 KB
1 KB 107ms
37ms Image
image/svg+xml 104.16.224.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
x-amz-version-id: NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding: br
cf-cache-status: HIT
content-security-policy: script-src 'none'
x-amz-request-id: Z20G5GMKN9X2ESP2
age: 81451
x-amz-server-side-encryption: AES256
x-amz-meta-app-version: test
x-amz-id-2: A46bsWCk/Hd6TO5Q7PE01nZacNDsMdnXwYUXTFzJ/O2Z+64mM7zfUxXRXvEMPt79xOL11LTy/E7vhA0g0yePtg==
x-amz-meta-appname: folkd0612
last-modified: Mon, 20 Feb 2023 12:50:07 GMT
server: cloudflare
etag: W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=86400
cf-ray: 8301968a989623af-ZRH

GET
H2 200 me Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ 162 B
690 B 204ms
203ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Fri, 06 Dec 2013 05:18:19 GMT

GET
H2 200 suggestedTagsNew Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 4 KB
2 KB 212ms
212ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

404b044529fcb04ac567087c7641580a23548b5f117b35ee3b1aefbb90522f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Fri, 06 Dec 2013 05:18:19 GMT

POST
H2 200 hi Show response
folkd.com/user/ 57 B
1 KB 365ms
365ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/hi

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

6ea0c8b7ceec5042b33d055ba557f042561920ff56f20aa62b2d310d49a189b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1701667099033x313984444541024060
X-Bubble-Fiber-ID: 1701667099252x124442827807018660
X-Bubble-PL: 1701667098387x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAxNjY3MDk4fQ.bBgKhJs43WfSO6fHpwUq5bx2VjD9hKDq2ZKuy6zvqbU
X-Bubble-Breaking-Revision: 5

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":74.8,"percents":{"top":{"bubble_cpu":3.3,"block":95.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.4,"appserver_cache_misses_time":0,"redis":76.7,"fiber_queue":18.1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":365267}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.006 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::p28mk-1701667099261-1315874300df
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IBxHUQU4pnWHkwX4DuC3pyMbmVdi1jzKOzqLGz6XKvveoFMJSW6l5oN7mBvcirtOuIMwrUPh4zkNfvyZjvNpcskvb3QHTgoU%2BfgNYIXWrSOPqx1UpAWic0vG0v5vT%2FYhLSoC8oJvv9spSMsNvv7HpIXPwweteQriMTYd8jSpM%2BbGkGnuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 75
cache-control: no-cache
cf-ray: 8301968a7a025b98-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
961 B 59ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Wx2WSpxyp7e8CbhQYggu46zy5hmJ2BAT3KTi0hnsnRCMRxjI0114kxnezMNY%2F8flPzfP%2BC6Tu%2FtnedFqTG%2BKe2nBOnjDh%2BeMODHoCi2yJa2Dd0qSGc%2BP1mTcrAD8n1MJZxKkbmSJhogJX2kVbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968a88062373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
929 B 39ms
33ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z51HA%2FSbXYkvzkDCu4OCmMCyssZH%2F7mUnlGlVmMv5P79KQf%2Fc3qBJlzdy5XwSRxK0Ic%2Fb1uCIgmm8ZgW2%2Fp5OZ2oSBvVxWXx3IeObvoF%2B5D0ISQyzAxuRhz6FMmGYwKqmSQrPDAPKW6LrFLLToA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968a88032373-ZRH

GET
H3 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
873 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 432107
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejIJRDusDcMH%2F%2BXnKqGiVmZPX4CeudFMwirG41fcuMNVisXN1Hr7uj1eH4MA5IkrHeixGtzhQ%2FqWlb%2FXi4heGnbWR9O13wvetJF8fsRM70iIek3eT5m%2Fj0pLxwAZezB1g4TVRh8iRSNcg4yFm2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968a982e2373-ZRH

GET
H3 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
851 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517495
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA, cache-mxp6976-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PWQlKybXfDgHrKjcNkuHQyeeBkrj82BgOmcsEYKZcjhdYU2RS06KiQNGIU0uZjcJ%2FnJeclTwksc%2FrUWANUDLHyFxouZtGjgXBhpZ50LAKLTArVVjWggmmUKqj%2BpMGQbVO0qmnT6PlQpfQP3cMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968a98302373-ZRH

GET
H3 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
869 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 432107
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYYFxMcveiZsPm04L1fuN2oi%2BZEDE9ZdfcIBO2IeBQqneABVJ3ZcGGnfezzB8DgOXkCo3vZge0LJDi9uxJIKDSx1TcAhFdf3QdcpBZNb32RwLAQqeEq107clky4VAjjJgTzaRClFdzMyRjSci20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968aa8392373-ZRH

GET
H3 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
851 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517495
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA, cache-mxp6976-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hBfQzeop7fFfmtjzqAnWBdZxfCTgLqeaTOvpOOsg4mvI1wjJVPGfaytFusq7wqS3IetY6%2BHQEDmamqJ75roppmcwhLImUHtihuBg9BwK9H7pV57%2FmNxD2ZA3mYRZY%2FixZ2OQtE%2Fy6HMJ1lHaYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968aa83a2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
922 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU4ZTrrK0epcMsLzRhVHAG0mlLv11J2ALc8lYI8r2jgA9VdtjA7Izc0GaUfdxW2sWSmoybUtHoJPt4IFSD%2BoJ%2BO%2Frs87U04WODQNP6%2Fnr0V00dUmEBq8bITlxcG4eBLq1mBFWtprex0OY0%2F0kSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968aa8412373-ZRH

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1EE4 631 B
1 KB 33ms
33ms Script
text/javascript 18.154.63.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-108.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:13:50 GMT
via: 1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 355
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QeUxwoFRQU0Xr928fxmME0bpzaJ4ahHBHswJUesmwBEVFlLKn9mAhQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 1EE4 0
715 B 499ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701667099717682
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701667099717021
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1EE4 0
717 B 497ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701667099717342
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701667099716951
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 411ms
180ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1701667099322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Fri, 06 Dec 2013 05:18:19 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 32 KB
8 KB 236ms
236ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1701667099322

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

1042aafff8900191e1382ffc47b47850123c911e7d5514344b9e32e35a4497e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Fri, 06 Dec 2013 05:18:19 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 93ms
30ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:50:01 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
20 KB 31ms
30ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
last-modified: Sun, 03 Dec 2023 14:43:42 GMT
x-azure-ref-originshield: 0VBFtZQAAAACLNKc335GoS7CyzIk9TnAvRlJBMjMxMDUwNDE4MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBF40E3F1A381E"
x-azure-ref: 0G2FtZQAAAAC5e9FS2kYKRKRqJO/4sFl1WlJIRURHRTA2MTUANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f972365c-e01e-002c-5d01-26c274000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 113ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3bt0v9135293448&_p=1701667099009&gcd=11l1l1l1l1&dma=0&cid=1291839822.1701667099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701667099&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=552
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 98E9 3 KB
2 KB 121ms
41ms Document
text/html 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-origin: *
age: 0
cache-control: max-age=31104000 public
connection: close
content-encoding: gzip
content-type: text/html
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Thu, 28 Nov 2024 05:18:19 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1598340969597109
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-guploader-uploadid: ABPtcPpqcTFUyXaeLMXyBgfCqjvPhFZORNXc350UBKzyUFlrVjz67ZFNCkXa2340YaWOt7eqa5E

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 286D 930 B
2 KB 93ms
32ms Document
text/html 2600:9000:2057:3000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 298
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 05:13:22 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: -vn5I4uKoW2iX1I90RqQBpnI6Uwt1dHYk_CE0qr3LL_pGm-H3ftMGw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 452 KB
93 KB 86ms
38ms Script
text/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4887b618c05a3860e88dd98fb93fcfce39bb5e94f8faa78dca4b0fee48500bb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Dec 2023 04:31:05 GMT
server: cloudflare
x-amz-request-id: 16BQD6PB0HPHNFXM
age: 114
etag: W/"a0107dcef457c4520f5dde0a7d594674"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 8301968bdcbf01eb-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: c2XKjHlPp9akN8gV9GI1gKp1QLruCF+M0MG31bAHdo6rab8nu4zGCpxNUN7rMsC1qkZ0bta12M4=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 109ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5dbce7a651650a0d0e72753675e83a082ede4f395be199f88fe8a5930aed7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30129
x-xss-protection: 0
server: cafe
etag: 415 / 19695 / 31079874 / config-hash: 14258460843960793757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:19 GMT

POST
H2 200 m Show response
folkd.com/user/ 4 B
868 B 614ms
614ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/m

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1701667099461x677233933851955500
X-Bubble-PL: 1701667098387x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAxNjY3MDk4fQ.bBgKhJs43WfSO6fHpwUq5bx2VjD9hKDq2ZKuy6zvqbU
X-Bubble-Breaking-Revision: 5

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":11,"percents":{"top":{"bubble_cpu":21.2,"block":52.9,"capacity_rl":0,"other_pause":0,"pre_fiber":7.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":51.4,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":348220}}
x-vercel-id: fra1::mmvpt-1701667099470-4447459584a7
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVJxzRrcDAgjd05tRaBwF5VL5wvmi%2BXFd7vhgJXgFIU%2F3AOD%2Fgqc6%2Bu5hZOPGFHHuGpPCmhcKIUFGlz8d4Rq1TemI5JGS%2Feo4J6xHJzqesfEmg3lXF%2BAsBrInTVuhbehHYTNgZI4yNiLG1zzWpxMr8sSvfxtpuQkbPj8ZaTWo6APTvzBMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.005 unit-seconds used
cf-ray: 8301968bd910b8d2-AMS
x-bubble-capacity-limit: 0 ms slower

POST
H2 200 csp-report
q.stripe.com/ Frame 286D 0
490 B 313ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701667099717424
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1701667099717062
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 286D 87 KB
16 KB 36ms
36ms Script
text/javascript 2600:9000:2057:3000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:14:47 GMT
content-encoding: gzip
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 212
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: w4Qq1y-l7Ze0N_aNwEemGdp1_L_XWHZsUcKCYy2OsUg8cvELxHul7g==

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 362ms
118ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Mon, 04 Dec 2023 05:18:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
535 B 96ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=13dbd6d9-7ec6-465b-9bf6-6f2e20908649&a=p.d.l&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 2172957
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 37ms
37ms Script
application/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: ZZWR3KRXN47D4FDP
age: 519088
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8301968c4d5c01eb-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gP0vwH5qtfd8ADgP0BMP8sVbFOn6Po95WkAWBeMIsYKPUOg74pHgpmLuuEmHJV2W5LOtEKqtmQg=

POST
H2 200 6 Show response
m.stripe.com/ Frame 286D 156 B
669 B 495ms
166ms XHR
application/json 52.40.111.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.111.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-111-159.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f5b2811bb2115a9eb09f3390dd78e10d409bfa58491b77042f8eda1023d1ab2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701667099973984
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701667099973608
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ 431 KB
135 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:26:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35520
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138089
x-xss-protection: 0
server: cafe
etag: 6648938400208870771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Dec 2024 19:26:19 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 24ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=13dbd6d9-7ec6-465b-9bf6-6f2e20908649&a=i.r&u=JYM01M&d=%7B%22auPath%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDW.A%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 2172957
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 25ms
25ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=13dbd6d9-7ec6-465b-9bf6-6f2e20908649&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 2172957
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
806 B 33ms
31ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3121
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-mxp6928-MXP
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BprHRHgJMaXHBpTP4SsUp3F%2BbnvsUjDPLIM%2F%2FNa%2F61XNKUIhSsLQOdWl7LiTLulWNe7goPj4bK2Y77uQSO92p5HWLbF43rmE6NWRELLPzLyvNwaNK%2BbyEQG%2BawIez9xm63j4daUvT0uJYpv64E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8301968d3fdf021d-ZRH

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 94ms
37ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: K1YD57BAPFM0SPXF
age: 2364
etag: W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8301968d9986baee-MXP
x-amz-id-2: DjWHCXCly9xrBhX69ocustK0XDl+OkEQH0AwadRjz30Id1WVUPw3Jj9hQPlIH/uggabAVlyu8hU=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 89ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:01:28 GMT
content-encoding: gzip
age: 2038611
x-guploader-uploadid: ABPtcPrkeBTNnr7iwEOQsOO1crWmoZ9iqL2ey0CP8aUBoDmjemJ9aPIOtU-feRiw5Wy2dKUFws4yGGOQFv5l4BNB7C1_dbA4tPMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 09 Nov 2024 15:01:28 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 110ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Dec 2023 05:18:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 104ms
34ms Script
text/javascript 18.173.233.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-47.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:36:54 GMT
content-encoding: gzip
via: 1.1 510288fa710afeb6a45aac9cebbc2c34.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 85286
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: EPia6-F6LJ48Ak88P8l0Yz52F4MVPnBONU9Jlf4kDsK9Xkc9cQKOFg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 404ms
34ms Script
text/javascript 18.154.70.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.70.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-70-139.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 03 Dec 2023 10:03:28 GMT
Via: 1.1 9024a47e92638749f86fca30924d4c3a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P4
Age: 69293
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: vwp0CAbXHZpHhbPps4Ju9cHdHIywK_Ry4S3Hkxzi7ubxLd6UukRrbA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 132ms
79ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 7229b3d39d831b8d9e72d09a5041afee
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 186 KB
51 KB 431ms
431ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=496495296384813&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667099703&lmt=1701667099&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtaiNmsMxSABSAghkEhkKCnB1YmNpZC5vcmcYtaiNmsMxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLWojZrDMUgAUgIIZBIUCgVvcGVueBi1qI2awzFIAFICCGQSGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSFwoIcnRiaG91c2UYtaiNmsMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi1qI2awzFIAFICCGQ.&dlt=1701667098547&idt=69&prev_scp=sesspv_refresh%3D0_0%26refresh_count%3D0%26pos%3D1%26tabVisibilityState%3Dvisible&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d45acca0ad4275bead10cb1f40152b503e68f2324d4211f5b6cb0d44615125e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51979
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4007 6 KB
3 KB 182ms
59ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ 39 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl_page_level_ads.js?cb=31079874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fdc9998bb1b65f7bd255818faae25b40e971e10880297da69bc7390ba227ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63667
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13838
x-xss-protection: 0
server: cafe
etag: 15153371613945751543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Dec 2024 11:37:12 GMT

GET esp
oajs.openx.net/ 0
0

OPTIONS
H2 204 esp
oajs.openx.net/ Frame 0
0 197ms
143ms Preflight 34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-coalias-route
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://folkd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 04 Dec 2023 05:18:19 GMT
vary: Origin
via: 1.1 google
x-powered-by: Express

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
225 B 94ms
30ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://folkd.com
date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
610 B 169ms
60ms XHR
application/json 54.194.196.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.196.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f15bb91ee057ddd53a9ba420110246abf42d52680779a9241dc4d6c0a630f62b

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://folkd.com
cache-control: no-cache
x-server: 10.45.2.20
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3689 15 KB
6 KB 132ms
49ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 349748
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 201 B
474 B 116ms
47ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 454c4b12973fa49438bf37fb0fb1cb8aa90374f9ab26c12e7b3cd7cfd0e0b08a

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: e7aec4c0f0a1f262d847059e380ba9fd
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3uE2AXBua4gPSTvNLhfgU6biPgZjOIbYFZJ1OZZsYDEVjZfRdvw%2BURR%2Bz3mPU%2FPJ6I%2FYjlpt4oXgBVtM38bfpfEaxgfnk2EvV8c1TLzq7gDjtqOZ6PqFMHpi7nVNKdE42MwCAhKAmwLCxJc8u4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eeee62373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
923 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN65aqk08zVH425vXvLdo3YsScCHkE992UBH8HRKupBYfUFQW4%2FuZBoWeegrVJwajQepDenJhUm1%2FYTBRbahYb1tlqfwdjaIr%2FwrAyegXRPrgBR3hz8kA4xdc4LS6illGh8tCtVq%2FSzohO9KvcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eeee82373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
929 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrMt1Ysoo7OeNb0qxnKz%2BxVZAWuI7DtrfLG4iOtmj5lVy51dUwjiJ68%2FXt4gLNuxe9sEoSe4Yj9yHwcXBrzpiXBJyiCTO2IAREwsgi8W%2F%2BJYBmuq29yqraKrlEbS%2BPlrbKF%2BSZgzPS6qC%2FPFV%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eeeea2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
922 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Re53p88Ywi7hgTKvHQAsXLF1WqtCE22TWDmpBjqbzycqYD6tqJsoiDmuTbAZoa9cmOjIAEC6k%2Bsdq1t6Kt1ASHrLQC8Bq5nvggmcdtzZ3Xb%2FmyBvfLBNofZqw5YTeQyv6ymQa84IO4oST2vyI%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eeeef2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfxAi%2FgKR%2Fowe6ZGjU%2F6ahhpdUkBO0Lfh6kqq06svnaoJfgk3iaxKtI3ZFRUAimlaHvaBaDAC0ytKIIxOwtRAtF2wCDAIw87%2F37dirTNddPMzdlSwAqF2RMPEW%2FD4bh7shYaSJw1ZxWkvgiIa1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eeef52373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
923 B 49ms
49ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RsywtLdXdwdgcYhTSCXfIaOEklUyjjiOPHy0rM3pdmPbjfUZuuyxr4HpL66n5efKWKcOG74Wv8K48j%2BH6G6mO6IDPgosJChTzcerakTeLu%2BHMs7C2GkKb%2B3QT6ggZ6RlZfOWYmXozfFDddkejM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968efefb2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
929 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSHvkp%2BJ4r6P2xjMGr18hMujLqYRSBriGKbJe7Jf%2FuN8i3AafXAX3C%2F8LN5FGQ9Rvga%2BII0F0UdJogFqJtBXf2muIMlWr3EorF2lKnBV3oREaPei%2BFA6PMr%2BM4fyAyN5MsPpe8%2F4moN4%2FLq4frw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff002373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
929 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tld0OCJI%2FXviPG6%2BcO%2Fx0wcfIx0Ka%2BaW1PzsQG5L34i8341l3s%2B2kiXTTmCUSI%2BXsUZVdeo7MJlocLU9Ayw5JnWtpIu1f5ExuBgZoeBrL6TlQGbg%2FzVMBhHHt08uBS%2BRyUJ8ePUC9KVhZyfp9pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff022373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356464
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seMdMWkYYmxJFVCQrl8MrCb4Ps5UQCkmDBjroIF%2B1a9FcuOYjVCEwlXWogxJIqmk1SsFYolsUZ%2BWPanvL%2BG8P5L937chcYhFvldTvasj3NImcpxriGzDd7jKQN5cy55Pp4EJ%2B9UXjkYO78Kaz0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff052373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
922 B 44ms
44ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh%2FwtHfnNIKYhs8XS2Rr355HL38cPGOcRYOoFjzzsz%2FkRKxK1nBFRH5wSwalpDItRO4M5VVE3VcxzBEVilYcyBxOCofniAVFF1cy%2BdtgC8Ps7wEy3aq1R8xcGr6lnAhlNHDEulyMPffJrxKSWlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff0a2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FxsTJwZeAtML1tI5JTInaz%2FY4fQmEj0Rv7KsTOZtt8j6OaBRgZq8%2BerKWrZO9TrFsWXPAq0Xh19CkiKo2o8GX9q4achIzDUrkxlO%2F8lXVJ4fMmdbeR1Zv6L%2B6jzlya6rQSSsErwfPH9bXsEnhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff0b2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
923 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcnjQD2KZSsnhV4OnvLwUM4s2GlsDZ%2B9nFAZ7MeDNnehKPQFANhjSSCTdBTd%2BzUXQiTICW7eCt6Z7m6NYJ8JLyzC0WsNEgiZBnUDp5QJT1matFSHkwguccSd4YNro5MlSc2d14%2B5U9J4OJg953w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff0c2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
921 B 29ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b3ryZbS0TCuyPXOhiH9bdB3aMXEVPP8oEHW6qXZ%2BXiiYg7fC5p0GubDgLjChxB9fWHqTkYspjxlBmTk%2Bpj1Cauqfd7PEd0PnZTfPtIK37bY3F2ZSO1Yg5nA6oOQttLCqnImQuVlSmZU6Bnbt00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff0d2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POYzP2fEEv%2FsXGxPnVThezDfhhLUx2ynXp%2BJczd9rI55GvGR1I6jwHQANmIzAfxIJ7Svsttd%2FlMN2HtZ6vKDtJMByaH2ri4LpD%2Bux9j5x7uUv6asEu19GQT1zmlYIA5mdUFKISbNDSVRlm9gvaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff0f2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 43ms
43ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVA51HdlvhYVyZNZhC0C3Da05Rh%2FAF0RVhFFDEerEt6BbJOeOHeblF12%2Bgw7H%2BY5wy1uXiLkm1l3ElF9YoWOwVF1TaRMJyy5uthxfwc%2BX4xdFpXLPcU3qRGpJxDdUhLXum8Q6ixlhH4QYSpmVAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff102373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 43ms
43ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwwlouBqASvtuzp%2Bit7i5t%2BfGyvhq5%2BgR1UlKvqqN%2BiuirjDQ2n902ksQYA41htZbjgTA3%2F7nSuS0zD332grOY9i4KtSdsECMcwBfllbQYPA7AxnrH66k4bV0YuRhKZMFmMDkEx%2F3App0oMm%2Fao%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff122373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 44ms
44ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAztsMuquvGj1ZwNboh9jKcNyAd%2FUkmqauJMaFbort0ghypF0VD2c7uisfP7JrwoyIKIGeFG2I%2FiiQ%2FgLVtbc2le8BU2XE8eCBEqJZoiRO4YY0pgOCLuSfY1%2FsYWVBJuvgctBTc0sgW5BSWp6T8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff132373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
926 B 44ms
44ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCJBb6SgjhraXIiYsHks9ceDgJkEjGYpsjLWUv%2FcTLefvR7CDlecl%2BU6yrGDdhbIA8MOeL2FOG6Ch56BFk6sARYzYWNwp4n8iWRYhvm%2BmGc8BrCpaSz8VH%2BkDbhGYew%2FWhCB4jXUUlXvzJ7jxX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8301968eff152373-ZRH

GET
H2

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8830
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

572 B
695 B

39ms
39ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 574e4a5ec3c6c9aadd8e0b7852e206bb20c82b02e96f6b66d8ebdc3f0aee5e54

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 372
content-type: text/html
date: Mon, 04 Dec 2023 05:18:20 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 04 Dec 2023 05:18:20 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3689
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Lf3ISnxxQnpaN3dIZzVNSEhxNGo4RkdySlBCSGZtR243NXlwMzB5b0p2R1dlR1ljU3huK0QyVHRRbXY2bktnOWkyWVNGcnplWSt3a05tSjBwZm84dURhMUZkM1doaU1KSU4ydWNoNlpOUVEwNnBjVmZyenVGTSthUVZlZC...

431 B
654 B

44ms
43ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Lf3ISnxxQnpaN3dIZzVNSEhxNGo4RkdySlBCSGZtR243NXlwMzB5b0p2R1dlR1ljU3huK0QyVHRRbXY2bktnOWkyWVNGcnplWSt3a05tSjBwZm84dURhMUZkM1doaU1KSU4ydWNoNlpOUVEwNnBjVmZyenVGTSthUVZlZCtDUGpONjJITEs0Z1dQNUwrUTZueUsvOHR4Z0czMXRBenRlaFpjenk1Rm9rdTR2N2IxN1JEOUlMVzNySERoOGljK1hoTXF2WW56OU9DZ1Z1czNNQXA1NjBiNGVnaGRUMGhOald0MVo1WXpZWXZsQjB5RHR3cnhOb2VXemtYelR6U1FUaHlqY0V0eVdSNEx6K3gvbWhRYys2NVYwRFZQUT09fA&cppv=2

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a4e9f915b9b49a75d3d62bd5772886bb506dc9daecee1de821a1613cdd709415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1445714
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Lf3ISnxxQnpaN3dIZzVNSEhxNGo4RkdySlBCSGZtR243NXlwMzB5b0p2R1dlR1ljU3huK0QyVHRRbXY2bktnOWkyWVNGcnplWSt3a05tSjBwZm84dURhMUZkM1doaU1KSU4ydWNoNlpOUVEwNnBjVmZyenVGTSthUVZlZCtDUGpONjJITEs0Z1dQNUwrUTZueUsvOHR4Z0czMXRBenRlaFpjenk1Rm9rdTR2N2IxN1JEOUlMVzNySERoOGljK1hoTXF2WW56OU9DZ1Z1czNNQXA1NjBiNGVnaGRUMGhOald0MVo1WXpZWXZsQjB5RHR3cnhOb2VXemtYelR6U1FUaHlqY0V0eVdSNEx6K3gvbWhRYys2NVYwRFZQUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 275205
content-length: 0
expires: 0

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 180ms
180ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1701667099322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 05:18:20 GMT
expires: Fri, 06 Dec 2013 05:18:20 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 31 KB
8 KB 205ms
205ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1701667099322

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

188970294c038ff63152c4d5a24826712b55357208fd221346d1b2711e418c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Fri, 06 Dec 2013 05:18:20 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 24ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=13dbd6d9-7ec6-465b-9bf6-6f2e20908649&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 1895106
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 299ms
299ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=4428998628823902&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100141&lmt=1701667100&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=0&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=494828697&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c1fa96181647a65de9b79fa1236273e9ae7543d49ec578419ac25d4aa841489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23743
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 55ms
54ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1nOWOiT4ANqbG2%2BPSxjC0VaX9WO2%2BjVR6NaDNJwuNwpJM9oHyHt1k3lokSLAXoQvEJUO1h02jzaw8K%2FPsPwfBprdn6iQbV8b6NHtcpatUYhG0E9FWkDR9lgnDXHi8wcUzv24Eg3qNBwh4REb4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196923c062373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
888 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=af6VNhBUCY74s8tj7vWbHX5emFS6jCXez%2BEKU5%2Bny5NR9LalOKqOAuCPxzmg7swKcf77IdRE0xBe3LZLt8hBcEQ9IREAqq7bvQj13Gw7x8tZcC0VGjn7CQ8jSISnP9%2BtdcGWLS4ayh8MrvHQM%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196923c0b2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
904 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J86P1j0PoF9tF825XCgN6k3mm6xPIO3ehun6j4nJAXDN7haBfhANJJyB5XqlZMq3fLsYLf5gauSkNZde22l1gJWIR5cC%2FAg1OEtr3e3JZXO7YnBZ6ypeZH7MQSdPrcYJqBPOCw%2BflP543%2BI5Wqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196923c112373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
893 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwncnkqm6KX61we6IO0ZEujpQBrqbNDCGR8cqOrQx6Qd3Q06f73DPPG8JDETkSJYhX9aoLh3iHeDqhMh4WPZOl9FLSItIKWGOU2qJvC5uvJBxR03Sij5lzw3Ir4cJhMyMgqnOpiCwNvtwjrc8sY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196923c1b2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
891 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxhH7JUwiQubQCbzKqEuw0k9sof1yzxUhEX3u9WW%2FaNZHfqOOV4q%2FFoB8HjXGXsqhAVaKU1opBOOE7zPoNpmX3%2FAcRQ0EaQpuEpwJpq3PZzdC6fugwz7d8vSYQjV4M170u3%2Fq2IlLNw5W6SQ%2Brk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196924c222373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
907 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIdgWHUSvS%2B9xtG7YzOu8cz5AFQP4aGmNQeKGR1uQUtJ5JWy6ikDREu6hEg%2BpUXPVIr3pO6T%2FvHWkJcBfQUqm%2BydHdc7LA5U4yntyqpAvXeoo9TIX1dL7NVkYxTavUchaCsqY9jDSAocKpj%2Bon0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196924c282373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
901 B 36ms
36ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRKNuC%2FrF3eaK%2BQT9plIk5jQhIX87a8ocsZO9OUjkaZlGL%2BXpCamNPzHuAHhUZloh1nOdUlhYcnqOlaFH70WRMP7UTpgLNoCiIpf3xGTCwm49Z%2BZmxwUoL4MCb5dkdcxgKTaJ%2Fueqm2O5ToX3yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196924c2f2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
892 B 38ms
38ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeuAzDfRzFrAhShPbLmIb6mYK%2FXET2SJFQrDytVBYIsiP8005VfQiee8C0pMBsMltwdHQPouyUe3eYzjtHmXqXgUYZMbl%2B%2F6jS%2FS98dS4e%2B8%2FCis%2BNBOlLG0zF6lVhRLOw1cm6KEATNLH9V2G54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196924c312373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
909 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05%2FHmqC%2BlwfqP4q2JDUbs5dS1cnsEdc8dGlmin%2Bqx7RbD3bfOGjDiefVVwUo16PAwvH%2BTJ4V%2FxJ%2BgVshNSIpva%2F7I74udAjUSktzagEtiqVWq5xwumipkcwmE7HPbWtqYrnmimS%2FeIyYuv1ywUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196924c352373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqP1agXFl4b4dP7CuZ2uledLkgz2Bmymo0Pbk3UoV8PISjxq0zDh%2FO8%2BCGksaMUoaj%2BQDe5B0WZ0qV43FbvsK1nuiiiva%2F4jNsWUt59AgHLVdF2vxdldmaJ8hjZy0QqIXhf3O01wiRqAtmkfHkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196925c392373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
888 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6ZDi54zrteeFxUXiOeGlc5MYkA1D6ny3sZZNDdcs8G%2BUz2mXXl1Xp8NYlUuTXWhJ179Ffhfh%2FflscdqS%2F1LQ5AJYUOPpoV%2Ba7ASl1tTg1YCsJm8mpSQHkjVkNox0YmPCtsmUJn8SdS1%2FQG0lA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196925c3d2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
902 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXdHgEbL3VhZRKazQuxGUSKcak7ziMVuJtHWyHwAPKQqsnyLREhcStV3IqfDbckZlowTIesy93rmL%2BGUPgYWcM2hEwdQEYPUVaJBdjkt7TZLh4zRf6R6c4tb9vTPXpQnkDZqRe8mC6A4n3upTU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196925c472373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
900 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xVDwiENe8DVp%2B1%2BSiaNL3mw91KemX3xc1HTrrDVOE%2BMEN96wHo8PArHPV9jhB7xqjQltJOQLwQFfFWgxfA%2FS8adfP7xIVTanJ6bXI0IzddXQEpGQbsurIA%2FZQQzYSKkTHJeiwvdixDRzm41mRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196926c492373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
883 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9odJxyijNEobIaL1bdFkmNCaO3fSsThjF1sSZIEmzIsug9fMP28f8AhEChBwyYxZfOqxeZEEJHpOgwv18uGb6GJ5SqF7rdslwFlF6r7t8UiiW%2FVkmXVzQSjbEuCrcr2BxsGj9XPHaxNlTHdL0c8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196926c4a2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
907 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uriefhML0z0vasDfYEWIfHvBV17WGIKOtRUhkF%2BWHzgz4d0yPX3fasgDxzOwU0Iq3B7KLZd9H1IJ7Hu91imLgVDeYLi5Sj1xCWO%2FIVynDNl%2FSidt5%2BL6qUs2RZs%2BAA97Jiz8O5vC8idd%2BH7des0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196926c4d2373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8OTO4pxWe8wGgcXOPZh4k2BuIKXzP9%2FqOdEwt4MMzRGxOnDnFx3XVgaSt3CVBCe6XsE4SMToH%2Fb6odmTeg1sPiaVgFwDM9GZ1a5ZcEnU%2Fe2S5ap4juoIJMwv52Zx5aUc9EiG0DZqav0bIDuhZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196926c532373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
892 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beta%2FlyFNiyADV31xykFWY2O8vg%2BEmHq%2BEt%2BBjKUhcNagwhJttMna9hOV6HOp90WHbyPbdbkKUst2QmGMkU6jx5Cm6UygCnwvrd%2BgEN9JCYH3L8j7O5W3%2FwI7IdTzaFcQjem8d%2F4qGlJ4mzu5jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196926c5b2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
912 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6p8MpYD%2Fx5LowlZvECxiHrF5rO416K%2BMtjgdyBaejzx9Tx65VWSqaWKSpLsu%2FAW16pDtQG54UFBn4H%2B%2Bycl8NfNgPoiHFvLU%2BBlg%2Bn3ieQRv%2BoOUJHQDgecI%2Fd1EegXWCFuKJg8jAiXQuE1iMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196927c5d2373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
897 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FI9wlaZ1WViTcmuv6N0IFWSymeSGaoYfLiDNn7SfeckfO%2Bm1IWf2eApa3wH8NH50ZJ8OG1TpPlDQTXkXS7MPxjFvpfcFK2Ouo5zMHjpJiR3iheCYr%2B3oSVyph55qB2JkHE4BEfQP83FNR%2BweAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196927c632373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
888 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGqms7ECkWfiORAytnZMysuflQGwEtGsj8dADfmibMEoyZsHSxygEDsRngS5%2BO2eL%2BLPA2p47tG6L%2Bb3JK0c7NlKEWJfglVK0l7%2BCrcrkdhHnhbDjcFh%2Fj1u7r9GUBKY0TKuHTbfKS4X4NFisCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196927c652373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
902 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlI4gbj7CPi9J1E3JjYpUFTpXh%2FCd1wSzxS3kdCSCC480pOFMT03WK1PJZwHnWoJ1cVA4I4bc2Uri%2FooR1dnOT1pFiJpahHlPAiBKRE%2BVojyeC97DAt4v3DgiB82OC64dJIHJokrr5scPVaGsCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196927c672373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
893 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FnqOKwqUkSbwAQhj1yGq0wlJrAfoTAu%2BTikcIwR9CehkSrnfysI8AvQkkXr6w12wXU7e3IzcJ4VbZRQ5JIAFquGAcUWg44Hs5j6igXKkgweUdWg2sswixBChrKD9HABgIXemAXdgGtrblLrEeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196927c6e2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
889 B 33ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRBgqiG9ivGmZMJZmvG0q%2BVC80Jx3nKUWCkDZYMi%2FHxEpINuLKbZafkcMRqRWCb9EoCSyQTYYnnrjkNhiFudYCwLvIcYEINAEeJErAKUyi2yv2%2BhpVwQLfozt6ZShbqWzC9LUM72LZH4YVVhRAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196928c7d2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
909 B 35ms
33ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKAdYy1QQ2%2BGrowhpluyvzfTeqa9%2Fp%2FsNUuZ2QIKhKReuYZUVReLd6iZtiATjv1GtUvUx3ks2d7dqDPkbZUXpIN%2FoQDyEM9CI37TmxjCGeH%2FIeJ9Ovxbf85hI67ojizFZO%2B6UuwLB8t3pB6%2Boys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196928c802373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
904 B 31ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zN%2F1B2JYYfzOkM9u9glKyjYIHvOdt3e%2FqmSbD%2FvSCByBrae06RPv%2BCBYqktwGvgekvusm%2Fydmq55ZdTjGmIwp8%2BgyDlX%2FxHcYfulzxaJvvG9ICx28goAq54DklnuOR9aXy0roBlAnhTiIot%2FdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196928c8c2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
889 B 31ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uA7%2FhcgCC3AtiJhgUz79WC1NvJpcBx5pAU%2FNkQsCT5pdTp1t6Lmp4%2BE9qcNWyZKeZE%2BiP7bK8m72JrLp31KcxogvYpTB0ZCSZNNLYpZ8gBwQSGnPP37Bo4%2BdiDCPJ8UOmoOIiQNM4Mqqtn6iJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196928c8f2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
910 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLcoo6aY9tkOsrjzb2nUsGr%2FMdmiLFGgFHovKw3NyiOn4uXwbZ9Fyjqnd7sA0giBMi%2BZ9V8%2FL3BDoXZY%2BFZidG%2BoYHKRlH%2FQ7KMoL5W6LwPdh1jFgw97G4%2BPnOXiYjU0eneGfRtK%2BmelNbATRX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196928c922373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
905 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6EmcyxteosFdYqKpQ%2FOnnLROZ%2FKbJ%2BztbZuVNhyQYz%2B7hN3uFNtENuAxOT%2BucfqxVDi187ouz%2BkhXqAwWyxIx6XPyFqi%2BP6Vl7E5slXzD4R9vGUZG2HGWYHqWcNyh5%2Fatn6oPe1JQGXFZ1YH3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196929c972373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
885 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB5BYShZ0QtXAAnz%2B3lAb%2Bk12poMo6wNOU5MmND2HoHfLMnmuufGS5GmGxIntjoStJfAcfrdGeEdkug6R24bQ3hJEhdipbVmXqKV6xwosImi0fZQX7TxqP9wtGq5OyU0GV3otBbOAyoIN8vF5%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196929c9b2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
904 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Bj3yTimQe1vnBxtV3UULpN0akq0IaoB%2Fpjpzlw8cKWkfROg3X7FNWbTU4WgRYLP8Moj6wAAOtb%2BvU%2FrriGEyADGpXQHQK9TnTE59RRovdkb4OdvaE3efaYCENSsVMsVhHcl0okaue26gjSBKe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196929ca72373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
902 B 29ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F4zojqmFayi7%2FbQ835Yq2MUlS29KDHFhxk7X7O4M%2BjVIlPq75Yp3isBh42ryRaNdN9j%2FwkS0k1%2F1p6yEr4HwwbAuYrq47VFX6dv%2Bsdb%2BdfL5bNGGqp3NPsGl%2BVrRS6ibvyaURAYUWcBIjPNon4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692ccef2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
886 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSv0q7rRmlz3c0FogPml3uxdazDuVJSjBsAF8v3qn3AinaXxHyAPEUw8Q3T3JAJP9BQkL4hdDt3snROf%2FFEzFNG9VfKMFca%2Fv8LA0pkj%2BYYe9YBCgHVqL3N6PjMn3FibssKyhwoz5uIZ78TgbFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692ccf02373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
907 B 36ms
36ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGJeh%2Boi4totI518EFxOI1muzO2wF1v0w6PlcsSUxEGeoSkY9m9mM1roryAqnVXmWBPIAU7sjdcDtn2ulGvVWQC%2BWJo2ONUQxZ%2BiYgi1yGOxrJ8sCf%2Bw%2Fezax8R5AS3g2Xi7v3CQcHr%2Fr3%2FLPFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692dd062373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 29ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOry6tyVD2uFbSbn3xXJMlTBhUmVgv1qCbmPViNHkzD4a3J6MRJg5Eqen7FZLJsrxF15n7PzXzS6TDI56MWCzvuZELtpNIbss7jkXn8toq2PRbx7MUvP1jTDc3rSYXj5M%2Fapupp%2BGfmVSqBkgOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692dd0d2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
890 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLPBecrznIguFphqodBjI3TVEHb2L7vusQwa8FaHPQiPNZzi%2F8u8m3R%2FGwtIPrng%2Fedo%2BXwhv4LHf7G9EAQArN4fErAUHWenWINRX5JV5EzK0pZrhwrOe67Jlbx6wiGjxHPhVuzzhqVGnFXKBT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692dd0f2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
904 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GlAIYK1iyfhs%2FqqilQymntmTICNhdP2yn0AujLCIrz%2FxGdeCwl%2BzD4FLs9ucCKjLe0U6bbsJLoFmRJHfMjR9jhypjDQ5d39XZBdpOKbECiT845p2KN0bFtnwbHPt8Dj%2BD3jJKVlDst7ATVhURw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692ed262373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
894 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1xh96Kp4OiVUwn458V02ytWRuu%2FHhRXYL03AJNVdxe4XkNAT0QxMG4ochVpwp2aes8ID3DmrL7r%2FcMw9NrJYDrESnQbFi0tITyFe2vIytIHHnDGSZ7y7vJGOQpaeE9fl9O38AaOg6MjhDjBtuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692ed272373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
887 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpfbB%2BTkFLTe3wSk8T14QkD3hLGWh9JHA5nuazFYbxm74A2JU1RYXkEf5XN8cEXv%2Brmlmdr3DOSe8XFIuWcynZ24LQF%2BrP0ENkSQKuLLA0k5XAvYMjOooyMG1Wj2rzlrpuV6aS4KpjfS2PG5wro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692ed292373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
901 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eHd5RIExm4uo3x8autU%2BS9jSpRP9%2FJK3QsD5rfL2gLCFxd7JRXn6TdD1xeVyPIdLiDCcMl41e6KnjAuo4oUm2KxUPQXZfgLPGWb6u2KTlXypN1suYFjUt0pGhNUiG7ktMAIJ8PlkoJDpTk6qH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692fd3e2373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
892 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJoYRbdfmOQ2nYiLBc75AkHxBclmumWKwu4a8ubN0nGwdQWcsXuploTNYD6c4usSixdjwQu29JdLkOw1bkrTAWEQwA5koP%2FCjMMUTQzp2ach95LpTCSXfx6N7CB4ES802R1ZT1CYEmcEnbrUbNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692fd412373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
890 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuIyGAkjWjHjfpBt%2BbOVWLe7PCqn0xMAqcqtZqFGntNf2W5JCwF8N1x77fn0jSt%2F1oBu1qoVG7NAOL5Ns%2Ff%2Fiq1xLdv%2BUw9FG44ykYrKiUlO5PfkhF3urfxXKpOPuOeUMIQYrKfQztBwCB8v7Ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83019692fd432373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
913 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NS4%2F%2B7GhDfOt%2FNg2R8iaWxyNCUSH7d%2BteI1ybeZ%2FkKrNKi%2Bp0XLRdNy%2BBVRFP8qrJSg7sOz7c1yv9xLfAh9KnHBbhKGUTyKRjB7YPF%2F40RIz754lFecBPlxT5Uu5nZ13VlRm%2FhOvRG3hGD7RAsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196930d602373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
894 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7wdgpjIh4hppFZlhfjpdJjT6pTTH8LS5zCBFHrws08LyJuOaFtk4J0SHx66cahxTwRHfZweuRV%2FZvEk6mEe4lecQXMr%2BVocktdu2WvLWS5QRuY9o6qXxWXntv3Y9z25c1a82bRLgK76jh4MPUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196930d632373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
891 B 50ms
50ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pktMBvoisCyuUnOiFISWq40BwtuaScx%2B2u3t14%2FL3Xay6UmQ6BCYXNFbrcTGyhBPBAwnzRkfU%2FE0xhvKW4K98WhMR2mUur%2F2GCd8uXCDyvi%2FIQ%2BZyOxXxNSPNfzzq2AzbMB1Lfa721TWEJtFUs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196930d662373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
912 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA7D5niae%2FvLjXpriZCs5Vm0qU%2B0ArYI%2Bqk9K%2BX2WFTbN8JkENlqhUnFUjo5QmBqz4weXDYFf6BfuRLFxNnb4QsvH2Ekfw%2BHwp8ddxBVFMxe4Zk8Kut7NZrfQP3%2Fm%2FX78egUUGMpdKdd4Z4iwQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196930d6e2373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeQLK%2Bo%2B1Cw2Iii0EfbCiiKJPMqiBuTpD8vLPuaZQ1gKou%2BnoeSqi9EXZU0XV0QBSncKp9fv8grhhRdi3hh183zoAeR8FHj3FEd%2BPpuquNfkCpppKsgAaV4Jr9Th%2BNAOrcPOFW1yMlzec2sv9oc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196931d722373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
889 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQed%2B5VVwcig5iED8XsBCIda3AoTaWtWsLeuWGicU6%2B%2FQCcAz5e1qopVx%2FUkQnyj5qkDDMsALMRicRoY3fdgb7b7b2wFvUOgKgfvJvDAGVR3V9%2FGXosWuvScDvz4xYjo%2BqEuZE4U59p6k3V7eFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196931d732373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
902 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZJ4J1cjLFVuf%2Fxq5xCYLY%2FhFloPb1PSf%2BF4gYbvmC8tJ4dqAVJC5kcjuSF0KaScoSBCx2o6WOsQlA03KoooW4MyoOhaVWCO4wVGlcLLLxZeGmypGu6oFYXccz51G0fBbaRy8nuby8q673yuyiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196931d842373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
899 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfJR4xRgZ%2FpW43lbTS496H7FMotjlNjmvEvn3HRTRkIhn%2FOrzDg4H2MFfMJoIlAHravFM85bfbnnrE9Y2s7odIiAFPHTWPQHuLj%2FeaPRTTz3CURX9p37sTArJDlUuIiMU7kFpoVjqLICkq%2BL4lU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196931d872373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
884 B 35ms
35ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo7oKE5cGcdP1sln3z8JE2UUXgj84EHKNo2tBMSLY3xvooDO5L14UjkunziSrc4HLwVGQOEf1fuNc6cErrhFxXEfBansIey0dxJELdQb7Y%2BWVA7b9%2B1hLl8Dqj7jrtDnOCNCAb5fTI8hpREZFP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196931d892373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
907 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2F4gWnxzZG2vAzF2tE%2B8GE2mM0MqqOyHFWALfz6wrTVpxi9FuaJPyz%2BdOhxvVrXFLqlmQsJLErntn5ZuHup%2Fz89ZprYMMEefzuWyLkBwHA5h41u4A5bTL8k9OATox74YnuWmfFlIg6BQgpzYcS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196932d962373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cF2Ed9cygw7rtNUSt27uMrrzofibkTMl7SNE63B268EokYMu7Sgb2adlEkAReEZcIT5oMK0O4hc7AFxPtgj%2F4PkSfO9vtkVq%2F0ikaNI7IRDqeDYvY1b0fAU8nfQjheWlE%2BqUszIYpjrdOb%2F3l4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196932d9c2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
888 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOUMfNCwrYQrcjCmpdDq45CT2vjo%2B9gDWEjFaxs6M6a6cEI5BR3U04fNEo8%2B1AXZ8tg6DkHJL1dZCeKdKigHqrQzKFBQVvVwM1oatSiHNWkXY2Y4rIZffoWzPzFPJPWwgqrCF%2FNeZNTDodJkEkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196932d9e2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
904 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHoq6q9Bh7Y69BnKmjJv4kEmHjNo%2BAFxy%2BV8XKQQrjZXPZ0LNJxDxX7qGzYEeuyxHcV2AncJgbbqb4joCWRcj8LBqefLms9urhPNOsgXzdMS1gW9ROgPl5DfTRhPOPcJDHwot6HjSHH8qrJhH58%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196933dab2373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
901 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI%2FXvTj%2F0ucQWlo7MQJ3H07x4QGQJqVgEia656LOL7cniXZouduKvUiTTEVPYx6rpQdNkGMOIPDGwrzBheAoBGckfWm9mzEcz58MVxtxa7L%2Bl8rRDZ1N9jrOpBxyf8JNVm%2F9FNTdwQv%2BTY6b5C8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196933dad2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
895 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bgzm83WoPHX6PXUkt5mTsa8wEZZ9BVQvCVyp8WES8lN9SjiomIvWmQ31RzxiBoSQ%2B0h8607D3Kcbu7aL%2BrSv0YVzFfSNdrhktLNZvVX%2BIwt%2FSUPHFFydAyY%2F6GdyV%2FFkyEKM1kj3P4p7Volc%2Bv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196933dae2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
905 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u4Hu9kYdZMDUrs6%2FMwdvUN6sJGiGuXBa1lsLMvW1JU0V8wVlRrU%2FCSAf9FmN2w9OeNsNbHVkEJQXWS7pdeVxYrrcwwVVGwBuCKcJ162XCnKVZ1ZAtE5IeaHGHpD8EVtopQsmEYkclWuFxKl%2Bg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196933dbd2373-ZRH

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
894 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 517494
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrryMu6pDwlUzt5wcSPpMQJ6EWu1M9qKmhrN5dMabXcg3ZcfwpPqQTCQt8xY9O7PBna%2BqsF550Rk26OSLXua8wsGQ7lNzkLh9Cjztg9L7VBD0I%2B0A45sNdLLtzD0432YTe6sivJBCLyouQTYVQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196934dbe2373-ZRH

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
893 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2id%2B4K4071Jj45ScY3gs4S%2BaDFV836e9gXzqAhLuuobhgz%2Fc%2Fub69wNcXQ9DU21oAxiLF%2BQQMKLvo6bLgi2pSBijSLAu1n2t%2BkvdPYV69OwLRj%2FQzyYmlM%2B5s78UEeKyZzUNPPBbcRWwclN6YcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196934dbf2373-ZRH

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
913 B 29ms
27ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 339711
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3H9oHlJrMgR3W%2F8ZttZAdUF1KMScUnApA8XmN%2FjHlm8dWTMd%2FZJ5E%2F6zW%2FpdphAyCzZAJuVvxvSJlxvH8%2Fb%2Ff5dDK8AghkKjdNCXLxKZMjdzqp1x6GoIpJhcwvBI88xSxCIjyvXhMv%2Fddzemmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196935de52373-ZRH

GET
H2 200 01-Pune-1000X408-Blog-Inner.jpg
orchidlifesciences.com/wp-content/uploads/2023/10/ 79 KB
80 KB 794ms
703ms Image
image/jpeg 45.132.244.92
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orchidlifesciences.com/wp-content/uploads/2023/10/01-Pune-1000X408-Blog-Inner.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.132.244.92 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v2202008124861124469.goodsrv.de

Software

LiteSpeed /

Resource Hash

bd1855f703f86ecbeb0e5b7b05afd9ac67115c1ea3a332e742cae330c8c38061

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 04 Dec 2023 05:18:21 GMT
x-litespeed-tag: ce4_,4086585_IMG
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 80918
x-qc-cache: miss
last-modified: Wed, 25 Oct 2023 11:42:31 GMT
server: LiteSpeed
etag: "204230077-1701667101;;;"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
x-qc-pop: EU-DE-FKB-67
expires: Tue, 02 Apr 2024 05:18:21 GMT

GET
H2 200 helemt-shop.png
windsorhelmets.com/wp-content/uploads/2023/08/ 303 KB
303 KB 336ms
43ms Image
image/webp 5.9.19.146
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windsorhelmets.com/wp-content/uploads/2023/08/helemt-shop.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.19.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: heimdall.protondns.net
Software: LiteSpeed /
Resource Hash: 5f1333348c7b2cd9973d4fb92d265c804f0237db32d0775ac320f26363c4e52e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
last-modified: Tue, 14 Nov 2023 20:21:21 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 310052
expires: Mon, 11 Dec 2023 05:18:21 GMT

GET
H2

200

logo%20zero%20kecil.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../logo+zero+kecil.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../logo%20zero%20kecil.jpg

25 KB
26 KB

325ms
233ms

Image
image/jpeg

2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../logo%20zero%20kecil.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 82a93a1a7c4aa97210ac48d43398d9c5e0cab2d971449799fe1520cc119e53c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
x-guploader-uploadid: ABPtcPq7PIYlVCu5KwVHJQYJpk5bJaXXQg2EMRlIrXoGW-NNzZLRfqFSXvHLwe71CSdIerpwGpnllka7aQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25758
last-modified: Mon, 09 Oct 2023 05:37:10 GMT
server: UploadServer
etag: "6092079d71342cd0ab56ac094a2bb78c"
x-goog-generation: 1696829830429381
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=p4+bXw==, md5=YJIHnXE0LNCrVqwJSiu3jA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 25758
accept-ranges: bytes
expires: Mon, 04 Dec 2023 06:18:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/ZvoEeEaViUZpgByPHAXsVKPLQHc/TS8gNw../logo%20zero%20kecil.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 05:18:21 GMT

GET
H2 200 Jual%2BSouvenir%2BTumbler%2BStainless%2BSteel%2BVivo%2BBotol%2BMinum.jpg
1.bp.blogspot.com/-mAscDtAHRMQ/Xgx1gwkBvSI/AAAAAAAAEhk/Nk3-7VPkry0j6BspBYveJu2Jl2cbl-XIgCLcBGAsYHQ/w1200-h630-p-k-no-nu/ 116 KB
116 KB 183ms
60ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mAscDtAHRMQ/Xgx1gwkBvSI/AAAAAAAAEhk/Nk3-7VPkry0j6BspBYveJu2Jl2cbl-XIgCLcBGAsYHQ/w1200-h630-p-k-no-nu/Jual%2BSouvenir%2BTumbler%2BStainless%2BSteel%2BVivo%2BBotol%2BMinum.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ff72b5d28bbdd4f749e02db6540a9f3398a0156d6f19fdbed6723ba25318942a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v121c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Jual Souvenir Tumbler Stainless Steel Vivo Botol Minum.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118715
x-xss-protection: 0
expires: Tue, 05 Dec 2023 05:18:20 GMT

GET
H2

200

matrimo.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../matrimo.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../matrimo.jpg

6 KB
6 KB

841ms
748ms

Image
image/jpeg

2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../matrimo.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: df664f663d05aee9ae2f902c95328da1f231d77965e22c99cccbc0ff50be2e13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
x-guploader-uploadid: ABPtcPoYTYXVmwh2PZ7f08Vxpxj6tTP8glFzvzwwMfHb2yjhwXGKm0Uqgb2bmc_bLgLhBba7lcBLH5vfpg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5751
last-modified: Fri, 17 Nov 2023 11:31:15 GMT
server: UploadServer
etag: "6121df07514742c781643b48c8c0dea4"
x-goog-generation: 1700220675534718
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=oPcibw==, md5=YSHfB1FHQseBZDtIyMDepA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5751
accept-ranges: bytes
expires: Mon, 04 Dec 2023 06:18:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/MQzyJqhtRGK2EIUwhv4aifVK7X4/CXJ0RQ../matrimo.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 05:18:21 GMT

GET
H2 200 How-to-Keep-the-Spark-Alive-in-a-Long-Term-Relationship.jpg
www.ausadvisor.com/wp-content/uploads/2023/12/ 137 KB
137 KB 710ms
583ms Image
image/jpeg 2606:4700:3033::ac43:9fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ausadvisor.com/wp-content/uploads/2023/12/How-to-Keep-the-Spark-Alive-in-a-Long-Term-Relationship.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/2.3.3

Resource Hash

585b37dd02d1257b295554b55a8838d92ad7898ed433d105512c9fa5c6a62bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 140198
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: W3 Total Cache/2.3.3
alt-svc: h3=":443"; ma=86400
content-length: 139977
pragma: public
referrer-policy: no-referrer-when-downgrade
server: cloudflare
etag: W/"PSA-aj-kyHV2SlsJh"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO0hsYhfY3AJIRHa9egPRhq8WVH3r1ye9w0XPwkV4%2FPVK0ChoXkmFwLJqBd%2BfQ4rVBLTVpNuwRLsFcyMRsKwI0X9wpPAhNxwGiz%2BUwsYj5cyoegQagLrU0rpk1rna2q75EHNuLS2IWQ2cDXOlbSmeUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2591863
accept-ranges: bytes
cf-ray: 8301969428f483b5-MXP
expires: Wed, 03 Jan 2024 05:16:04 GMT

GET
H2 200 The-Hidden-Costs-Of.jpg
blogstudiio.com/wp-content/uploads/2023/12/ 182 KB
182 KB 2288ms
271ms Image
image/jpeg 103.53.42.80
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogstudiio.com/wp-content/uploads/2023/12/The-Hidden-Costs-Of.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.53.42.80 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software: Apache /
Resource Hash: e0de5ebc6421fb3d279d6bc8e6776b737740cfb27468eee029d3e4540298ae0c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
last-modified: Fri, 01 Dec 2023 14:06:52 GMT
server: Apache
accept-ranges: bytes
content-length: 185874
content-type: image/jpeg

GET
H2 200 PP_Logo_628.png
cdn.shopify.com/s/files/1/0282/4457/4243/files/ 7 KB
8 KB 235ms
173ms Image
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0282/4457/4243/files/PP_Logo_628.png?v=1686205209

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

d1626ead5be3b93c5e4c47f4a8770438fddad715e10091b758a6b5ea488a130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
source-type: image/png
server-timing: imagery;dur=188.526, imageryFetch;dur=81.714, imageryProcess;dur=94.189;desc="image", cfRequestDuration;dur=131.000042
source-length: 7238
content-length: 7349
x-xss-protection: 1; mode=block
x-request-id: 6ef878f1-9a09-47ba-bf1e-469b03e7d4aa
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 05:15:24 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD7t4sd9vIeXzfJVucIMoT4iKDtaEX9vAutIwNg6zlV%2FoLuM9FC31HyantgsgAx%2F8d%2FNjOVuYgRqglhL4TT7XWpMRafXK%2FsebFhqf%2FEhlOSOn4IL2iLR1OtIMKxBykpFJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0282/4457/4243/files/PP_Logo_628.png>; rel="canonical"
cf-ray: 83019693ecb20229-ZRH

GET
H2 200 main-logo.jpg
allwinrotoplast.com/public/front/images/ 17 KB
17 KB 1430ms
400ms Image
image/jpeg 162.251.85.8
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allwinrotoplast.com/public/front/images/main-logo.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.251.85.8 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-251-85-8.unifiedlayer.com
Software: Apache /
Resource Hash: f26089f52db1a1542c4df0a4721519d7fb1ea9e4bcccc6888b68afb6593b4cb2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
last-modified: Tue, 16 May 2023 10:07:58 GMT
server: Apache
accept-ranges: bytes
content-length: 17525
content-type: image/jpeg

GET
H2 200 cGhhIjoxfX0sImZsYXR0ZW4iOnsiYmFja2dyb3VuZCI6eyJyIjoyNTUsImciOjI1NSwiYiI6MjU1LCJhbHBoYSI6bnVsbH19fX0__ucv54d7czhzck6iy2um7vj.jpg
audi-kolkata.in/images/ 3 KB
3 KB 567ms
185ms Image
image/jpeg 68.178.145.107
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audi-kolkata.in/images/cGhhIjoxfX0sImZsYXR0ZW4iOnsiYmFja2dyb3VuZCI6eyJyIjoyNTUsImciOjI1NSwiYiI6MjU1LCJhbHBoYSI6bnVsbH19fX0__ucv54d7czhzck6iy2um7vj.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.145.107 Mumbai, India, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 107.145.178.68.host.secureserver.net
Software: Apache /
Resource Hash: 3e69aaa727280da277edd6b911b02616c9e78fc9dad41ccd3bec0808afcc5a3f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
last-modified: Fri, 16 Dec 2022 06:56:01 GMT
server: Apache
accept-ranges: bytes
etag: "20a2cb4-d0a-5efec766c33cb"
content-length: 3338
content-type: image/jpeg

GET
H2 200 logo-browser-favicon.jpg
acservicesmadurai.com/wp-content/uploads/2023/11/ 2 KB
2 KB 467ms
141ms Image
image/jpeg 2a02:4780:11:1102:0:3a78:25a8:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acservicesmadurai.com/wp-content/uploads/2023/11/logo-browser-favicon.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:1102:0:3a78:25a8:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ad634268f20b31876d8ec07f7bd731ffc2269a7a7da0cf1dd3841ce308a9e824

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 09 Nov 2023 18:43:21 GMT
server: LiteSpeed
etag: "657-654d2849-b83196304acfcf5e;;;"
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1623
expires: Tue, 03 Dec 2024 11:18:21 GMT

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNB3CS4JTVWxuMTK3WrUo%2F85dTpnExKpAD19GMmscBAeyJNa5qjCql7qm%2B%2FwQ6qXus9JPElQClYno969yzqsPTSsRB3XFL3VzsbKflVfAi9sGv7rYDwe5bNpDTeVjSnaXFzW1u7wsbDpj1X%2FRrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196936ded2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 29ms
29ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCaBGc39MT0t18hLl6JQK8kt4USMwLsjVVFTn5Dq3KdIJ5G9mcJBMouA1LDZjUs1ZEkjfTulnrPmpmaOVuwk%2FH%2F5q9BuRhWjLmvDkResby4s%2BgyXCzOsJ0jonlL9IdPFX1DvFwdYl%2FzbeUyYbo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196936df12373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3QXeW2MskNeyNWKbiBJImVBuT2VZklJbcwUwhFyIuknUAkal%2F1PKg3OvJpVCI%2FY%2FI0OOp9UZhcRYpaUE7PEsGD1QkhXc0qXIpvKNqFfvFtRgSDFHaWShWGtTC4XuAIewC7uzFIMw83YBC0tWxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196936df22373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
926 B 39ms
39ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=regmF4XachQgVvJzk7p7%2BISyd8soEvgJ6Cz8G0gqd%2Bozj72wWedI072tWhY%2B6rqPjUmYnyLGK%2B2KwP09TGEX7A2eQ25Dh15NWuBbbZKCIK%2Fafy2F6hxh9R%2BFiNtQUOxojhdcRtKRGUx8fQfn3tk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196936df52373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 29ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNGXUNVIz3I7CxekPiDqvgLmalUxbH7%2FqAzKS67CWGfZYzEovnPA3G7YnkvrI%2BjYYeVSAEeovXwdI3%2BU2bbZ5bjbsdoDUA0ta5yhW0MxzmnXX6K93nwTlG54kmjIdyh6bUBU0Uv2rBcz6X5kBjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196937e012373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
926 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW4IzGyOH1A0TwwH5hfIdkwhZHibKRUinQW%2BDvcYKyPeN98lIS4PxADc%2Ffw7COzrs%2FBywklu7HHOVIEKN%2FiD4auDTIWkNHfu7NGaFGFcNDI8l5LdpVcP70mtiMx%2BCK90io2KtYDk0rbFFeUkgRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196937e032373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
923 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FR1EByaXvGZrnD8nBXqtHiOR7Ldyb3hO8muTpYg3I87koCKHXGJMOclomFquovlQKIWpsvTk5QNmO5Dt2ZHdRk1lNocyIPvcLuUpu%2BwR71NAwCNTmxwl%2B8LCf5RDv%2B7qawYkAlfp3GsFLdaaeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196937e062373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSl3OeY7xccZaW%2BRl8dMLolfaQGtMadh1N89Uo%2F0KKwHyE9bLO7LLsAJIRVhQSSicvNs8dkdtbdHJGRMNNoaBm%2B%2F6Szp8DRaujjWTyIN6zWgJ7v3C3BEfHTkDOW22JBL3%2BouvEJCcmeDq5zXVnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196937e0c2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
923 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywZyy3PepqA0cWttU%2B8zNN98Raxgsjs%2Fcx1eCtiudZPqb8GqOZe9TFQZelgAtoWhh8CthVIyzwVapM9OL%2FclRr2hV470rZRikXlQSKEuakbb5tUvcHW3Py4l5oKFK2cdDqH7IPW9Y%2BAN596KRKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196937e132373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yami4V8ujrEUrklYOpSHQasOOy%2B3ZAf1mfFYQlwxGu6msJwD6IWthFJGxvdvyBGsphw%2BE79F6nUuokm9Yij7ArEwXePkB4jrLpRRZFnDdz8mxNZ0fsDx%2F6gn5NpxJrWRhIZM%2BIj7qK8eraWIqoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196937e152373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
922 B 29ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTFbrdCfz%2FtZhOt4F9Dgd%2FqfJz7XcAvbE0pPeTae6UuSZGmvQPGE%2FlckLfUR16ReEGmHmeLrPnRKfI2l%2BC8f9u4203810iJi9fi0HztCm3AgBUSAEA0NmfumeQc76EacDAcECgWiLhz%2FzKJc0Lg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e1e2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 35ms
35ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsx6nr5t6qbm75gtEI7i9bgDAL9j7Zkqdty3N98sP155jO%2BRuVq2Iu%2BjNaxPUEITXj6hEWghYuor5ZTHPozub414A1w%2BqURK%2BDvYQJhWrVb9jF8%2Fq5OmL7IQk2wg6pQaiQfTI0xyCD5L2UxAQCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e212373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
926 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JbhMzJMvXXcGGn%2FyaVQgmOyGw6hefbwWuvkqN7jCpRkqRwI%2FmZn0DnfT3%2BkRmIfjJJOF%2B3eQLoSDCQJRRa51DObW1tgRGmCDR4TaRrxCj9PfmeAF8OPPB3rfXMsvt3IzSxxkM0GzjnZyGAzgFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e232373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
919 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9dtXJywBUWWDc24%2BUA6QsBjU6fyhRE3gJZqKZ1R9VwdITBhdHn2DJLTYmSFscOI6nEvwURRax01cLJciRiio39oCg3vrY8E8yO8s6aAAaPWXZZRDOMnpcHqKiyAB6SBcdqsqDl5VRiK19ifSDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e252373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
932 B 28ms
28ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nrw2HSyujX4%2BYIY25ClmVL5y4sAqE%2B%2Bj2ooRPTthCU%2BM5VEeaY%2FnUcXXs5Yu6BYSRN9%2FSKuB%2FXSJP7Bu2M01GxdkiGO2g%2FkXScBZZx88r1PglvPhHGcH%2B8VxgZxPYOMhMUF7pxPtW9eCh9lPP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e282373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJAnyV2TJQFuEFc5Noomyr4iHuDjjZ0q74kJkQlEUg3peHojrYW4K3%2BRd3T79JSxpxoVhbTzylRGflGteY5F35MrtgAd35gn%2BnxK%2BA%2BbPi4l2oR%2F3rpPcdCmCHwcsxzIKIwIcJ0ZzZYxtaPEo7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e2a2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
924 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWNxb%2BRWPqd8eLVDdE2JJv%2B%2BX4Uf90oLJmqU1dJzrurH6hx6gFkP0BNTUWmXL4uVESAC0EjIVf7X5DM9S47rszFMIpFjHG7W7iquYlQjISQQHq2oAz52Z5rYIdw9m0vAvyK76mjNyAEg81W1CdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e2b2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
919 B 41ms
41ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFre8meb9gZnZ27Ya92L4GRntzQSEBcmNrRhFgr10naXJpPBwIG4v4mOrTbI%2F8aS6qK0MBkq5sl02zPc5Bp9FbbaGgx7q5MhzSu1sSCPfYq%2F6xC85UmPzfny1LVARr9GahGo9QzRQ65GB2eJV6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e2d2373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
919 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvFxwByiDiskRHgyD5uI35nFg53X7tIdw8YWaSD3MAclkADJ6P5bFhsRReTidRIhsx6hZaMpJi9yX3RcTGGIWFpnUM%2BGGzwREg58uQtHlfSiUyiD1PnL7sxwUzGaxvsoGoboKYpBQm9kuCPV9i0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e342373-ZRH

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
925 B 33ms
32ms XHR
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 356465
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoDxVFeZpOjp9xFEvivuUqzUibsWOPWCTthe%2B1if%2BaKUwHR1clnkN9tWbuYbgpAwmE%2Bpb5ejk0388RJnVDBwyaDqBDnAKDJJEVy3Xgduxqfc7ri7LjKPoQz%2FsWluZZ2%2FELm7w7TQsmNAsRE1IJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 830196938e362373-ZRH

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 282ms
279ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=1196934196266971&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100732&lmt=1701667100&adxs=386&adys=1847&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D2%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2233693956&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb20960f5980d9919be69f8187898e786326f27196d284acfdc70e28d467eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 268ms
264ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=2184764881493971&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100734&lmt=1701667100&adxs=386&adys=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D3%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2566420883&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97d03eacb71f0bacc9d1c388bf03c478bf3fbd3e6de507d488c3dfd4cb3081f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23192
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
23 KB 276ms
272ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=636199053388381&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100737&lmt=1701667100&adxs=386&adys=3191&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D4%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=752999773&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be7c919587a78ab06d19acbff7e2cbed141a8f0f41826b8e4da95e7feb7ad45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23492
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 260ms
257ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=1127473961982400&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100738&lmt=1701667100&adxs=386&adys=4085&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D5%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2414587748&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dce3673298be4dc503a4c592e99f51ea1976ca53153ff9471bf713e31b78f343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23042
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 322ms
319ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=2272744041817907&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100740&lmt=1701667100&adxs=386&adys=4970&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D6%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2954782562&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a600e562878048db57f538e50cf4ad066ae4de746611bf592285688b053aabe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23445
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 309ms
306ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=2954901365453019&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100742&lmt=1701667100&adxs=386&adys=5878&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D7%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3024330878&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde2f211748f34a378b365d8dc7d50d1a10cc95f2b496fde86a99657dfeb3c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12604
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 255ms
252ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=2926316200466712&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100745&lmt=1701667100&adxs=386&adys=6763&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D8%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2533869661&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64f49dbb3b9a61bae49d9f1ca65d451758d652b9b69c21d08780b03f4badd9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23436
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 297ms
294ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=216768018279949&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100747&lmt=1701667100&adxs=386&adys=7647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D9%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2606919589&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba712e5b1f7341b9c67768f9b1d52bd23fc315f670ee8cd566c787bdc5a57eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23447
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
23 KB 289ms
287ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=1244587754092082&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701667100748&lmt=1701667100&adxs=386&adys=8544&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEhcKCHJ0YmhvdXNlGLWojZrDMUgAUgIIZBIUCgVvcGVueBiLq42awzFIAFICCG8SGQoKdWlkYXBpLmNvbRi1qI2awzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGImqjZrDMUgAUgIIag..&dlt=1701667098547&idt=69&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D10%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4085529275&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48190aacfc1f940049159ccbecc1a0c70c12c5d08c1a99259321c75bfd2c8aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23596
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 53E8 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8830
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8594898887817346856

43 B
97 B

44ms
38ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8594898887817346856
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8594898887817346856
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 8830
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fb1dd5ac-3af1-8b23-9c15-0c5f295a7ac4
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fb1dd5ac-3af1-8b23-9c15-0c5f295a7ac4&dcc=t

43 B
855 B

231ms
231ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fb1dd5ac-3af1-8b23-9c15-0c5f295a7ac4&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P9RVTJ93DXJTDVWPM6G0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CBN4SJZ3VYPFVGAH97XP
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fb1dd5ac-3af1-8b23-9c15-0c5f295a7ac4&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8830 70 B
149 B 207ms
49ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a3cba9d1-265b-30d9-5c1b-8ec84169b124&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 8830 170 B
409 B 217ms
59ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZhNDdhMWItZWYyYy02ZTdkLTQ5ZmItZDQ3MThiOGI3ZjQ0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8830
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1

43 B
171 B

42ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 117ms
117ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Mon, 04 Dec 2023 05:18:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9EF4 6 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 25ms
25ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=13dbd6d9-7ec6-465b-9bf6-6f2e20908649&a=p.f.i&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 1895106
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 53E8 4 KB
767 B 37ms
37ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 04:29:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 05:18:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FD42 6 KB
779 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 05:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 03:54:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 05:18:20 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FD42 2 KB
903 B 102ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:24:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame FD42 24 KB
9 KB 120ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:23:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FD42 3 KB
1 KB 102ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FD42 20 KB
9 KB 92ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD42 202 KB
64 KB 171ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame FD42 37 KB
15 KB 154ms
51ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 53E8 22 KB
9 KB 94ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:37:16 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53E8 205 B
229 B 151ms
51ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
x-content-type-options: nosniff
age: 110807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 53E8 604 B
628 B 149ms
50ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:40:01 GMT
x-content-type-options: nosniff
age: 117500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 20:40:01 GMT

POST
H2 200 apm Show response
folkd.com/user/ 4 B
934 B 307ms
307ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/apm

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1701667100956x523668325238781700
X-Bubble-PL: 1701667098387x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAxNjY3MDk4fQ.bBgKhJs43WfSO6fHpwUq5bx2VjD9hKDq2ZKuy6zvqbU
X-Bubble-Breaking-Revision: 5

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":18.3,"percents":{"top":{"bubble_cpu":24.1,"block":9,"capacity_rl":0,"other_pause":0,"pre_fiber":66.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":8.3,"fiber_queue":1.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":660403}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.01 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::m72j4-1701667100964-f2c181c7e160
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw5Vv3hLzOsiPGd0KI80Il%2Fo01poINHdrh0EZgAQXzru7Mw9jQzHZBIH1boGFhFBwcVf5La%2Bswk26sSjLxbK8IiKSfhLGNAJKZvJfaG7f%2FR584lu6jBw184uKhiNQLPr5CX9zdxexnSWbsUSUkfUdC9b43ykQ8t%2BRi0mw8cPdVBCbsnlmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 18
cache-control: no-cache
cf-ray: 830196953f6518de-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 9EF4 487 KB
134 KB 130ms
33ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VLN07B6jDUKV9YGz8xtQMPBTKodlNdhp
content-encoding: gzip
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:09:04 GMT
x-amz-cf-pop: FRA6-C1
age: 73566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: By8o7RTiEDepvKxnlkzkZR3wOUEn2N6kLZ7RrVIF2I2gQtSBw5y6-Q==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9EF4 3 KB
1 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C5F 1 KB
1001 B 98ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9EF4 20 KB
8 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 9EF4 43 B
493 B 242ms
52ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950681100687039&pvt=1701667100282&plid=2521236318193655889&imp=8248855875603289632&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM1__VHCEJA1A3IvLd2bXrFtN2tmER-jtyQwP6XEHEOTbFGmb0ReNgLsCT1NArp1ZC63kayT7rMQ85mi4ts4EbAPPwKc6gWbw3jlcUn_xizZo9KqjEvADxVO_SKM2whGTw-oLWrIINrswLOwe8-cIEd0EzW9YkGSK6T-CIpkYT2qE9kU6cF-F_2t7BauTDt48P0_HBi2YGsqqA776TSq_d7CZs8Ee_3yODIZYQ02Yi34i_WDUBROLMJ044YTjDVAvNhGTw6syMSngTgk9WP-__VVuV7K6QYhv85-otQqQ4xy6y0GrPkJE8o3AQbB4HfFULY
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9EF4 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPSW9Hwj94VTjTIB3FMP0LSaBqJubR7NK5RwWQuO27qg6uU7jmiHmoRdiQAQeUFsCXOAdg2ANLmNdmIXK_UXuMVhLWYg
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9EF4 24 KB
7 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EF4 202 KB
64 KB 160ms
154ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 9EF4 68 B
244 B 214ms
51ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6mbp&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8xXzFfYWQifX0%3D&cb=2593458&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E624 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4272 6 KB
3 KB 30ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4437 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52E0 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C930 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBA4 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8169 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4233 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E44 6 KB
3 KB 31ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame E624 487 KB
126 KB 32ms
31ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vFDhE03p9jhTd7ZTxx78w6LGv4T3Fwvb
content-encoding: br
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 16:57:00 GMT
x-amz-cf-pop: FRA6-C1
age: 44482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: s5JljKz0xkfudbxv6_JOp90q8Ow03fWpbqS14BswwGXsBULSz0NzPw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E624 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8769 1 KB
677 B 29ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame E624 20 KB
8 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame E624 43 B
492 B 54ms
53ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950685957697777&pvt=1701667100861&plid=2521236318193655889&imp=7361272455628332211&rep_meta=9WjiYEouHNcKBy7y_IeSjtCdpvknxwJAmIgv9LcJ7DWjSk_YIFnjIJ9HIAgg3u7pmciDmOlxAAnkq2Ut4UUGuKT5Q5Ztb3L7BWEkO-SkjHyBeixFjp6Z9Eeo93rG9Eyg_sT5of9k0GbwMZ7wB4LQm8skXCgcUv7b6UiB3Fk1g-BB8tNFUjwvdAaEKpXA-stvCFzgZ-Eo0iYTuxocjo1IuGe7MERB6ve1xg4nBqxqJonScb9U7TUmSXoz00Eg93mTOdjD--jFAOEOH_AN3B2UW1coUqkmxjrR5W34a62jHyR-o41avuP_AmCpAmOJnSP22MNell9CzqFfhYcmuhiIfuML8QbekphaY8FGjirN988T2MCEen3OgRjB9I2jVbgUcQPgiOJG1ZGwZ63wTJMCrU0gloEwh3pw08Ky6Y7VIEY
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame E624 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl_ed9lz6jggPUGa3gszsyaSG2tx739t2tMsr_TewNVSXqWKLi0H5FqW9WmVdWvA4biKm7N-wSqkOhTwSBponhbQ9e_w
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E624 24 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E624 202 KB
64 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame E624 68 B
243 B 50ms
50ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6mni&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl84XzFfYWQifX0%3D&cb=2198667&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 4272 487 KB
134 KB 30ms
30ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VLN07B6jDUKV9YGz8xtQMPBTKodlNdhp
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:09:04 GMT
x-amz-cf-pop: FRA6-C1
age: 73566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: vMYKC4KEdEjZR-jPLbxy5c4SwfFOe6zbQZzpwEUdW8y3397cr0rlNg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4272 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 146C 1 KB
677 B 30ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4272 20 KB
8 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 4272 43 B
492 B 55ms
53ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950685991242789&pvt=1701667100865&plid=2521236318193655889&imp=5041519242139059885&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1S9mPN9C1_XbqAZzw0bvMTzG4OSaTJyV88e0nVM47T38uGl1KO4p5BSHaEIxHEpfsxWH5fTKrSc8_Ne5XU0jmHFSc7T2cbN75gcsffyEqcnlMpAcCYckd8LMhaoS-lbJ0XQz_3fIN3NcK_Vbmqj0UccjGDiuae6m8A33PV7kgNOe1pcxFDJbO4_MI3JvpnD0b_St9MzyB0rk_NsoAZz71hwPJFvoZ4wKMixuk0tP0e6jGfrdIvi3WQEhKL1MY6e1CZrwIGeHA1b1T9bJBZ_dqXDfJlV7Np8RlIC3rigHBAUErDEWdURY5EZ5T8fuinaxj8
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4272 24 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4272 202 KB
64 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 4272 68 B
243 B 50ms
49ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6mpa&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl81XzFfYWQifX0%3D&cb=326333&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.0.js Show response
static.yieldmo.com/ Frame 4437 487 KB
125 KB 30ms
29ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vFDhE03p9jhTd7ZTxx78w6LGv4T3Fwvb
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 16:57:00 GMT
x-amz-cf-pop: FRA6-C1
age: 44482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: EuDVF7UKeyz5iOkdDGGxpcmp0Q0okV93G-VaKaL-iORzlGU1fTVJmQ==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4437 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7DEC 1 KB
643 B 29ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4437 20 KB
8 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 4437 43 B
492 B 53ms
52ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950686058365789&pvt=1701667100873&plid=2521236318193655889&imp=2031724321417137535&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq-GLQ9id4_GbVm9SL6ykotfhfILgMRkW0_9G041I-kPr3nH3U72WVyCGZRXvp3Qw78hB4VHmOG5Lvrai1eLVAI3DlX-AxNbh_CEkjC2n1oc2spiDpIn-EbxanXTzTv8sAWFKSIPwHLtVn6Tt8sO4paTF84x0TdgJSViDw1aviQ0jxf8TiwjhWQ9Vg3dMJJ5PrvJhVOrNpCaypRZtTdbpDBdhXLDj-EdnyG-poNpFBnwq7HKldzKDVCEKjT-klyvNPqrx9Buqek6xSkU9uWiDKiJFEmpq6aKCAu4BHnZcWwAb6hgNbVwxf3aljoeOM-oExw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4437 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbZjKRQCyT78n4sLSQicMl_lF0uiYchZqtO9zh1DPZOGiQM6GY0CH1Kdhcp6EeI0W76MzLpfhS9Zz5RyTHQNBPAr1YVw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4437 24 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4437 202 KB
64 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 4437 68 B
243 B 50ms
49ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6ms9&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8zXzFfYWQifX0%3D&cb=6138037&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 52E0 487 KB
134 KB 29ms
29ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VLN07B6jDUKV9YGz8xtQMPBTKodlNdhp
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:09:04 GMT
x-amz-cf-pop: FRA6-C1
age: 73566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: r-pj4viiCwiUr6zCw1S1JyVqdDLTkwqDJHlx7r6QpIpZvH2ylL7flA==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 52E0 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C190 1 KB
643 B 29ms
29ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 52E0 20 KB
8 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 52E0 43 B
492 B 53ms
52ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950686041575681&pvt=1701667100871&plid=2521236318193655889&imp=2470412086186791617&rep_meta=bTc-NR3YUAq-wkpp4b6EauzKGRjHwJtrXUYI6ILCzE0LrT96minz6qffG6kf_BLsQ9pQ425rNeLTH5_SfqGNP_fXs9TSipPGjQqgXpuVMdpJKOkDtDbZOYHeyeHc6CF4hU_RjttHeVGTBlM2ZULRaOZAz1QCfPbwy4t-WuWkMiVOxFWWjxAOD3T0qPNNCz6g1q2HR8_F4_LT75Uk75oCl0C3G0nS3DzYvQN9FTlrQ0k-AmT7z52gQEw7Vlc-Htj6npGikXP3C4UvaBrblasfr8Ww9xjvVhwPJ04mSJkiWF5ir5Mfk111nTMsiHyChCjzFeMyqV83qLo_lwCV-G0sDh7m-q-k5OmBPIlb-ed9ZpUa-n_ZhInWBaYvHRzihSkON9mYMeb5L7MB-gmRieO6PmaXruUg5_LKU3EvUVMZkVw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 52E0 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBa05lhhafQ-tkKM7-QwIe9eDRtNjfqLgHEaxgCAyY_YKVRhWtB6_UFFd75zxkkuCBBd-9Ea68mK-DAORPMze3rZvW2A
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 52E0 24 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52E0 202 KB
64 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 52E0 68 B
243 B 51ms
51ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6mu8&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl80XzFfYWQifX0%3D&cb=1986782&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame C930 487 KB
134 KB 30ms
30ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VLN07B6jDUKV9YGz8xtQMPBTKodlNdhp
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:09:04 GMT
x-amz-cf-pop: FRA6-C1
age: 73566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: wtOfWvbjO8HCc-xy9AqmmHibVHE3j3YL_BVSnQ8O7OA0F-ZQmpiIag==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C930 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6389 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C930 20 KB
8 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame C930 43 B
492 B 54ms
53ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950686125474683&pvt=1701667100881&plid=2521236318193655889&imp=7242427996434932803&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq-GLQ9id4_GbVm9SL6ykotfhfILgMRkW0_9G041I-kPr3nH3U72WVyCGZRXvp3Qw78hB4VHmOG5Lvrai1eLVAI3DlX-AxNbh_CEkjC2n1oc2ufWivzQR4ZzFCOq6NI7qiSp-h41gK2hjZLfhkHb-noKum-XTKnCqtxXiNoe8NVs1FrbIJD1BHvVnOVgh28sy8peN4zczCabiT3qEGza3wv2OFYtM_iohJadbtZmjjzMm4-W_i4Z8pQ7nsrF52U0Ddkq1roeXUPPK3tDCLdapV0ulySiEqa4TGwSRa9y-UO7B4qtoirUjknVd5izvXapTz4
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame C930 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCEGBZqmefic8YBixKG5k_qdOnIUUQVLF1dxbST8j2BQzHhqZnUc4CC3WPAinij_2Er6xo4VIMqq0533luCFmJrHQMxA
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C930 24 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C930 202 KB
64 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C930 68 B
243 B 50ms
49ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6mvu&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8yXzFfYWQifX0%3D&cb=6007004&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame DBA4 487 KB
134 KB 33ms
33ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VLN07B6jDUKV9YGz8xtQMPBTKodlNdhp
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:09:04 GMT
x-amz-cf-pop: FRA6-C1
age: 73566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: WitzlTJI2ezwiHpJELTrcdjAorNntqv6_u5r7XJhVuZX2ZmJCgmNUw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DBA4 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EFE7 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DBA4 20 KB
8 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame DBA4 43 B
492 B 54ms
53ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950686142237786&pvt=1701667100883&plid=2521236318193655889&imp=2743951696163359586&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1S9mPN9C1_XbqAZzw0bvMTzG4OSaTJyV88e0nVM47T38uGl1KO4p5BSHaEIxHEpfsxWH5fTKrSc8_Ne5XU0jmHFSc7T2cbN75gcsffyEqcnlM8mYRrzTYgvYM6X0hAk8JJEs-9HQWiNXv5l31PyukczV7XSkRhLfVRaD4ePI5AZhmzMJt9XXRH0jhFfFOLh35zBFEx5z4D1F_5ZSv2trPf-UUgz8VsQ9v1La14CRR4Fm5A2Z0MA-SpRfqS79x81XMoSALnGN4T-iBzM_2hL4UJxhbTYuyM0ojX8O3Sev6APz_e8w4IfQMNNRNjG7209qaU
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame DBA4 0
0 36ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWfWX27d0hcVL7ecF4M7XVLWDcKgQ5n6eF7_Pk3F5eCEcov69ays1ZII9wvl4B-DSuvNwnS4E8rydJVaE-BQHhuAlYig
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DBA4 24 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBA4 202 KB
64 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame DBA4 68 B
243 B 50ms
50ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6n1o&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8xMF8xX2FkIn19&cb=5501899&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 8169 487 KB
134 KB 30ms
29ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VLN07B6jDUKV9YGz8xtQMPBTKodlNdhp
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 09:09:04 GMT
x-amz-cf-pop: FRA6-C1
age: 73566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: AMUOer0X0gJaV9AVOYlSqyPlIaLQF3F5EVDduuYvVX2dnzZ5mUAuEg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8169 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CDF6 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8169 20 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 8169 43 B
492 B 53ms
53ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950686150633565&pvt=1701667100884&plid=2521236318193655889&imp=5811196869906198759&rep_meta=jwyonbZpfzb9KEwcYcZFv0jer_JmPt3apfWzLlQ6Lmr8eUG9fNZpWwFKBZXb2MnnHuskbHJNMb2aXd3GafhespAaU2iiU7u8voA8wOHw6xlJrjMAKdB8qlbM94hXatNtCrZUO7f5oFeNBrpb7NzusHuwA0oByOb3veX9dVAv3XOPhb8UTLE41wJz6OyIMTlpIfKWsCgnzU-d2MYABOvdfhtJmD6JHbkdg2bumxDQELjgtz01uOjjfthPO0nGT7mReGHGq00QmOxS0AJG-jlRDayjOSOQQXTJI_ka0Grt-asqOzO6FPCowmrjBqN2WMadHkQY4FwGI7FPOzFMUaGHgxoN95cdJwm41MmcK5eweBsAS-01HJLUC-2qUx7kVU_b20ae2g4QUIvWNiJi8LvD8JJFaBsqRde0A5Xf5D7wg3w
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8169 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-M0RmXVpJv2015kV2cJ4rGj271qM8ZBgzDUQqSFzufRXHYGx7e0V_-4LAg9Jg0H7-Q1jarJVpZEvBrxSGzcssINexOg
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8169 24 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8169 202 KB
64 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 8169 68 B
243 B 51ms
51ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6n3k&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl85XzFfYWQifX0%3D&cb=3569433&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4141 478 B
531 B 166ms
61ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjK4fj_ATAB&v=APEucNWp65aovdv-zU1nERpAnw1G_oz7TRzMs4-OMo108fcioxpwmivzFvbdvNUMaVhK9lxfoKCUuVxVvSiRwtCPdFoPm1VEhQ

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4233 89 KB
31 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4233 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CU3OC911sIxGixTMao7FJE4VJafC1vlEg2smlU2lSm4LS6K28kAVzkSTQqX4WdzQITSAFpH9XmDiGDIan4pceY3dB9zcUv9Ayk4Z-bz0r2nydcZuU

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4233 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9273640875439355339&x=1&ct=77

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 4233 32 KB
8 KB 151ms
66ms Script
application/javascript 217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 10:00:03 GMT
etag: "3305548861-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8362

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 4233 3 KB
2 KB 123ms
40ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=5152764&kid=6122633&bid=18910171&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CRLZbHGFtZdjwMLzPjuwPt9uyuAmf7sTTc8u_kNOdEve3vs-IChABINjV2Ctg9YWAgPwDoAH39-mEKcgBCakChxZyOYpCsj6oAwHIA5sEqgSOAk_QVwo9t6SpGSY9JOTK4mZOvtH1BgpkJV-iH_r9KdxxGTK7v4xOyIcPRFo584vHsHuaT328Hw95M85NxX66u41soP5pUS-Fu_IgVUpcObEHEjELkGyurycdZJPgHYCyrGHnRGrEjDPXN9PutzL7XzB4RCCqGsDLz7VF0C1Ai0pzMFFjQw8bQjivPFwXlJPEimuAMRezV2PiSfHBj6Z0k0IJpxQdjoRLj-dulld_AXTlQS1vQK0_vHwdVCoIhrEH9HfF7EHsPKD9lUFRSQUYwpX0cinB44qNlVG3wicnvfPX42RdZqNrTYh7oC-ayT-dmy_CyZJhfAHvvq0b6AajITVTHWVQ0NB4KA1Bdm3sq8AEvKyivsYE4AQDiAWGts2DTZAGAaAGTYAH96-65AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY657F-IP1ggOACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSOINEwiO2cX4g_WCAxW8p4MHHbetDJewE7fi3BXQEwDYEw2IFAHYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADICaaNXxgMCgnmuSVQZgTAi0GsZPDIAHk_91Mwc4prGAQDYfmyKyjv3YeYVkGMvB9i4G20L2SbqiTSuRgB&sig=AOD64_2U44_6WHCwfQPMDy5O5Nz9lQthYw&client=ca-pub-3944954862316283&dbm_c=AKAmf-D8_tEo27UV7ndJunUm-DQZJsBwx-El-TTGxRI06-tPyybmLx7GdVnXDHaecHkr4UIAsb26sjo51J109S0nvHwT2Z8big4ZYkugkrB-fW43SePLFnH0vHZWVreoOgizXERRsZEVTitc9cPRLOKV_2hrt7VKVjTbTtJjmLITIs8-7VJxKm0&cry=1&dbm_d=AKAmf-Cf-Zf_Gu_wl2XRZIjCHJNSyuIIo4DQiRyST_JjP0BfuzrGDJhXPlP9Es0Tf13h8e7Dam05-Ft-UtExAjGgFS1G5jcWxl6fGE-NmRLX3e3LEBdJAlnNfbSMhxg8j1uv-hmrLXW2nMG1vTKl9-yNBJ2FQ-fnX-7a8-H5_jhpj3-ki1ilNUK4PvGbhVcTn-Qg_0XJ2pg4CfzMSXmNr-D7D-nWbIyffG5abSyOZwrOkg5VEa85ZDJGmFLW37waaMarTEB2m38qQxoW0WQ1fdFD6CwJ6kDMdILDNDbfeY3NtdghNKnwj9JzHKkRqDZsUBcndsYSKQM-FMS3M2CMoZ70DE96F86SJNdxDAwVsZ0UEDltEJISsokD_zokWOvzmr4OQd5GpEbyqJrWbeIQ_UvtvbBAof41jNYVfldgXHBgxBkb-OS0D6mbE521yPjJo3m4MR353VAG9fd3Ei-njfaYwhXj-CT-myRyJzfHpScK8eRnT3EZSfaaQKegQT5LDEidHm4XXwd46dM7PW6SUU64y_nu6WxeA9GT8OaBPeT1VFbGGJ9LxbU&adurl=
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: b28a7e03e4d1948b96be3cc0b96cbe3b58d478ac74e0d44058598336e598eae6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 04 Dec 2023 06:18:21 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4233 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4233 20 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4233 0
0 37ms
37ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJW-OS0OLnLaU0yJKfG3bjjklhESj9IYseCTocirJxP-vdpBE5N6TdPm9Db-PWsNFHt9MtHU2ESZwIR35ObUkSZi-OnQ
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4233 202 KB
64 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 4233 68 B
243 B 52ms
49ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hgpk6n53&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl83XzFfYWQifX0%3D&cb=915995&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.2.js Show response
static.yieldmo.com/ Frame 4E44 487 KB
134 KB 30ms
30ms Script
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.2.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wAv0F9xT_6fpa9MqNjtfZn7G3tECVNWd
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 16:57:47 GMT
x-amz-cf-pop: FRA6-C1
age: 44481
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:56:18 GMT
server: AmazonS3
etag: W/"b6d980ebe9156ae6eb1f2f6a120cb463"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: tjy0dW0EGqWBGxiV8PsMO_Aq5kL2vT_7yrcfB7E-DVrvb4wp6YXURw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4E44 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F132 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4E44 20 KB
8 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 4E44 43 B
492 B 53ms
53ms Image
image/gif 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3420950685991256902&pvt=1701667100865&plid=2521236318193655889&imp=2340776237192714681&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq-GLQ9id4_GbVm9SL6ykotfhfILgMRkW0_9G041I-kPr3nH3U72WVyCGZRXvp3Qw78hB4VHmOG5Lvrai1eLVAI3DlX-AxNbh_CEkjC2n1oc2spiDpIn-EbxanXTzTv8sAWFKSIPwHLtVn6Tt8sO4paTF84x0TdgJSViDw1aviQ0jxf8TiwjhWQ9Vg3dMJJ5PrvJhVOrNpCaypRZtTdbpDBdhXLDj-EdnyG-poNpFBnwq7HKldzKDVCEKjT-klyvNPqrx9Buqek6xSkU9uWiDKiJFEmpq6aKCAu4BHnZcWwAb6hgNbVwxf3aljoeOM-oExw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4E44 24 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 474508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Nov 2024 17:29:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E44 202 KB
64 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:21 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 4E44 68 B
243 B 51ms
50ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hgpk6n77&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl82XzFfYWQifX0%3D&cb=3374270&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET cs
ad.turn.com/r/ Frame 2C5F 0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2C5F 35 B
463 B 109ms
30ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOTM0jG7fKuy7iCCfWa_WOc&google_cver=1&google_push=AXcoOmT2lz6WcfcFXupWraOJunhA6i-34pGXygbo35_A7VU3A6CM78MDGwmU5huB52J8MU4XJeppQO7D1IA5OVmE3HOHt-Sn87J1

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET

current
dclk-match.dotomi.com/match/bounce/ Frame 2C5F
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFCMCdXIho9-Nb-qlEmBWjQ&google_cver=1&google_push=AXcoOmSb50usLir55i3083yGnn2sw8fu8o7ZT_DoYefZhzSSnUzG-N6...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=47cf8806d06117e5&is_secure=true&networkId=14000&version=1&google_gid=CAESEFCMCdXIho9-Nb-qlEmBWjQ&google_cver=1&google_push=AXcoOmSb50us...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 2C5F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZPyMixOV49-6WQ&google_hm=Hw1etGZHSM0AGr4eTh-9...

0
0

GET

cs
cs.lkqd.net/ Frame 2C5F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOYrEoBiycuoiDYJ2Yav-24&google_cver=1&google_push=AXcoOmTL6VfvYs12iGNqkNSXS53bfb-7HDSkOM2PPZaG5wxfQJ4dD66jqzRtXN_0m0dZ1vxE4mDmtYbJopQEKIw9...
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f5891b64ca&gdpr=0&gdpr_consent=

0
0

GET

RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003
sync.targeting.unrulymedia.com/csync/ Frame 2C5F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQEK8lRjhHiWpyo-4DSTN00sMKrllItJgs-1zMICOtACFTGs5jpWpoQlkitbBGA4A7LTcQxxI8jm9WcfOs8PtB8MKHTkqMB&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQEK8lRjhHiWpyo-4DST...

0
0

GET gob
sync.inmobi.com/ Frame 2C5F 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C5F 0
59 B 57ms
57ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXXN5HMjBL8W6sQ2DXKc85ayn61KPqEjMggHjBkdQYzRfwnBHwJHDlWkRdvjs0yXU3kOfwjg

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 9EF4 49 B
494 B 586ms
164ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: f8I7OAgtlxQ9rPWRqL8daB2kWaDnV-7mqHzN_ejzUmdbozNH8Gau9Q==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 345ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f2ac76fc-46bf-40c2-af4b-15a22614a756

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 284ms
167ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: eb8958b37843949e6a1d11be515a8a16d8bc0c801532ce0229dc874b61d08e42

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=df8a8ddfcee3ece51ebc50027b904af03be876e5cf761a4ad8ae5bae85da52af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: d76c49cbe24aebf66e08d4c4af5f9be503979784402218d7a8d1085da24d5629
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051821Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: cb1740ae-56e7-7b48-96f0-23f0c5e6fe9b
Content-Length: 133
x-amz-id-2: UBh4+xoOP7y3HYOJQF7YIcRUJcI7jK38nF/wO68SHT469apD0Jubg0JsTcuT1HJbdgEteBo9rmBjses1XkDLi4RPLtPFleXj
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas
ads.yieldmo.com/ Frame E74A 5 KB
0 55ms
54ms Document
text/html 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache
vary: accept-encoding

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 9EF4 208 KB
64 KB 62ms
31ms XHR
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
date: Sun, 03 Dec 2023 06:15:40 GMT
x-amz-cf-pop: FRA6-C1
age: 82963
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: 6RvPhjoafssM1c_MPztBI5h9qkIPn0IkmLjso7B2w9XQzet5AxkQCw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 339ms
112ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f66bf598-57d0-8280-ab8c-96c6be1f2952

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 239ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 883c856b8b93171c2a9473c203259c6c94b612b35c0b46d4844a98a6b92febaf

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4627ca46bda13f88a1e8ff210aaa9ef237431dd8d7c19d459c2c580159d7e52f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 8800a949581dfc98b872c83eb6a87af30f8a7d3b3377db217ee7e1ff3aad3c10
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051821Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: ee2af3d4-939e-509e-b3cd-908a2100bde0
Content-Length: 133
x-amz-id-2: gPpIgp2hKcpWNrIuBzkTbk2PggJnAeFyVD+EiuqT2GprymSfVUWkEHegODjcjM0dZGpua8ds2ZbTUNcjoGWERKggqH/B7sar
Content-Type: application/x-amz-json-1.1

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DCC 51 KB
19 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTZol...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTZolraBZts7pc4x8WC3ItKGaj5-gRZqTJl3H4G_omH63Rdut6GmFxoFTM61Y4Ym53iIpbry_hVC-HS...

170 B
188 B

66ms
65ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTZolraBZts7pc4x8WC3ItKGaj5-gRZqTJl3H4G_omH63Rdut6GmFxoFTM61Y4Ym53iIpbry_hVC-HSmmqG3gufpbjiwwrf

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTZolraBZts7pc4x8WC3ItKGaj5-gRZqTJl3H4G_omH63Rdut6GmFxoFTM61Y4Ym53iIpbry_hVC-HSmmqG3gufpbjiwwrf
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 746826
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=if_zpGoxQOi43TEU9lvKcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=if_zpGoxQOi43TEU9lvKcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR1v5eGJXbqb8rDB6gPf-6ALIV0jkq3GfXsc9m6apJLP77Y0chwnvRUoKrlEK6EWmqi4U9hBRlM8Xjq3wiRQ-X68mH_C_Rz

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=if_zpGoxQOi43TEU9lvKcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR1v5eGJXbqb8rDB6gPf-6ALIV0jkq3GfXsc9m6apJLP77Y0chwnvRUoKrlEK6EWmqi4U9hBRlM8Xjq3wiRQ-X68mH_C_Rz
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHkOAi-wH-Vr81cCwrwAADQsAAAIB&google_nid=index&google_push=AXcoOmS23FnWv2odTiZjXHchcZQM96nLI3aMD...

170 B
188 B

65ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHkOAi-wH-Vr81cCwrwAADQsAAAIB&google_nid=index&google_push=AXcoOmS23FnWv2odTiZjXHchcZQM96nLI3aMDFsNivLjUwAIQPsk9pmxJ-UDJKZgMKu21skrJaydpG_zppj8SExdCEkpNHxj6eE

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuJhv91NNPRw4vP1%2B2gxe1NCey%2BQOLOtMBkw4bW2YKAu3SEcznLP8oFIrNCEM0DByZH5nO1PunNembQAXwKbNoCGXjgSB2Ald%2FhGRyHlR9YnVRzvXopF5u3uHkDl3Vr1rqilofuEkhpfbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHkOAi-wH-Vr81cCwrwAADQsAAAIB&google_nid=index&google_push=AXcoOmS23FnWv2odTiZjXHchcZQM96nLI3aMDFsNivLjUwAIQPsk9pmxJ-UDJKZgMKu21skrJaydpG_zppj8SExdCEkpNHxj6eE
cache-control: no-cache
cf-ray: 8301969ca84001e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRC-yUlFg4MMO5BazIkiiHKGr7DR4ff4MtT9keLOYdhFuQDfi7fmFSx_3-rYh7zy7VYbgZyXOphrL...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRC-yUlFg4MMO5BazIkiiHKGr7DR4ff4MtT9keLOYdhFuQDfi7fmFSx_3-rYh7zy7VYbgZyXOphrLCaBWaE4yZknMCvYTks&google_hm=4e99d381-35e8-44a5-86...

170 B
188 B

61ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRC-yUlFg4MMO5BazIkiiHKGr7DR4ff4MtT9keLOYdhFuQDfi7fmFSx_3-rYh7zy7VYbgZyXOphrLCaBWaE4yZknMCvYTks&google_hm=4e99d381-35e8-44a5-862c-7683f40a8f58

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-210
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRC-yUlFg4MMO5BazIkiiHKGr7DR4ff4MtT9keLOYdhFuQDfi7fmFSx_3-rYh7zy7VYbgZyXOphrLCaBWaE4yZknMCvYTks&google_hm=4e99d381-35e8-44a5-862c-7683f40a8f58
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs300llbt00hh&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

170 B
188 B

63ms
63ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs300llbt00hh&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2023 05:18:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTnvcxUHXRYcOuiwkXvbbB0MUPYW0XUaGVGj0770J4ioGaSg8C1mmotUyZXghqQe0g2qrXPpdULpsytei5zs300llbt00hh&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEFLxQDcnCVlnwQQEeEywfAY&google_cver=1&google_push=AXcoOmSquSC1szoCPgqGKIMP7o5TsRQJAKQcGuq7ts7Yzu03bkppwPgld46tP7s7kFj2mr0widdJ0O-XyVU0pnHCMtHAt79F4ieF
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSquSC1szoCPgqGKIMP7o5TsRQJAKQcGuq7ts7Yzu03bkppwPgld46tP7s7kFj2mr0widdJ0O-XyVU0pnHCMtHAt79F4ieF&google_hm=M3pjY1ZoaE5OcmhKRmJv...

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSquSC1szoCPgqGKIMP7o5TsRQJAKQcGuq7ts7Yzu03bkppwPgld46tP7s7kFj2mr0widdJ0O-XyVU0pnHCMtHAt79F4ieF&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSquSC1szoCPgqGKIMP7o5TsRQJAKQcGuq7ts7Yzu03bkppwPgld46tP7s7kFj2mr0widdJ0O-XyVU0pnHCMtHAt79F4ieF&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8769
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmSZvx8pev_w5T0cDI1pHxzyLBl7F9CknHSEqGQg21bgFvqyuLjRwEgQXp51O6uXQxMDDkC5YDqkMkg9gHtSha0p7RMb2bo
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSZvx8pev_w5T0cDI1pHxzyLBl...

170 B
188 B

63ms
63ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSZvx8pev_w5T0cDI1pHxzyLBl7F9CknHSEqGQg21bgFvqyuLjRwEgQXp51O6uXQxMDDkC5YDqkMkg9gHtSha0p7RMb2bo&gdpr=&gdpr_consent=

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:22 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMzNjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSZvx8pev_w5T0cDI1pHxzyLBl7F9CknHSEqGQg21bgFvqyuLjRwEgQXp51O6uXQxMDDkC5YDqkMkg9gHtSha0p7RMb2bo&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8769 0
12 B 59ms
58ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFaDRcoovjjnIZmzKlsbJ-wJIx7Y3qdyNqH92NbNhr2NBQZi627GS8AYUlwz53IGz1r4hb

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 146C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPy7IsM_Hy6hiRG9bZY4LjE&google_cver=1&google_push=AXcoOmRYt_7nuQ2gzX5PLS2B_CHbz_Xz4xzkhos3aVLoJaoeDv8BcTn7xXwyglpfgakPNP82v90xZXttTbMQc-IFXxLrqhp...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYt_7nuQ2gzX5PLS2B_CHbz_Xz4xzkhos3aVLoJaoeDv8BcTn7xXwyglpfgakPNP82v90xZXttTbMQc-IFXxLrqhp-mK-B&google_hm=eS1IMFJiNEQ5RTJwRThhMW...

170 B
188 B

60ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYt_7nuQ2gzX5PLS2B_CHbz_Xz4xzkhos3aVLoJaoeDv8BcTn7xXwyglpfgakPNP82v90xZXttTbMQc-IFXxLrqhp-mK-B&google_hm=eS1IMFJiNEQ5RTJwRThhMWpSUkxSUElabUIyb3d6bkhseX5B

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 05:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRYt_7nuQ2gzX5PLS2B_CHbz_Xz4xzkhos3aVLoJaoeDv8BcTn7xXwyglpfgakPNP82v90xZXttTbMQc-IFXxLrqhp-mK-B&google_hm=eS1IMFJiNEQ5RTJwRThhMWpSUkxSUElabUIyb3d6bkhseX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 146C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR0eI...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmR0eIGgNb5UE92rc19Jj1b91z3ogHSOX98ukDS4xefqD6h9BDgHY3MYZjXOEdc5m0924nsR9mSs-LiQ...

170 B
188 B

60ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmR0eIGgNb5UE92rc19Jj1b91z3ogHSOX98ukDS4xefqD6h9BDgHY3MYZjXOEdc5m0924nsR9mSs-LiQqbVMH-wnnDQxVupw

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmR0eIGgNb5UE92rc19Jj1b91z3ogHSOX98ukDS4xefqD6h9BDgHY3MYZjXOEdc5m0924nsR9mSs-LiQqbVMH-wnnDQxVupw
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 723259
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 146C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmQvojVUwGYnw_sB6LOl-qH6pC0idEZm2oU-Qd8Pqwi7lHK3CJfzzZazyuSEqB4VCzgLVlcqsJ0OOEcnzdI...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQvojVUwGYnw_sB6LOl-qH6pC0idEZm2oU-Qd8Pqwi7lHK3CJfzzZazyuSEqB4VCzgLVlcqsJ0OOEcnzd...

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQvojVUwGYnw_sB6LOl-qH6pC0idEZm2oU-Qd8Pqwi7lHK3CJfzzZazyuSEqB4VCzgLVlcqsJ0OOEcnzdIQoJK4A_F0EVM6

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQvojVUwGYnw_sB6LOl-qH6pC0idEZm2oU-Qd8Pqwi7lHK3CJfzzZazyuSEqB4VCzgLVlcqsJ0OOEcnzdIQoJK4A_F0EVM6
Date: Mon, 04 Dec 2023 05:18:22 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 146C
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQEjRafn1y4g50Cy-YZUcJiJOUimgzn27C9266YdIjX7Er968Qf7ma0HSXSUFQoT-fI-YF1Gh2G67...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQEjRafn1y4g50Cy-YZUcJiJOUimgzn27C9266YdIjX7Er968Qf7ma0HSXSUFQoT-fI-YF1Gh2G67zXAxd0HgUcnHwDynla&google_hm=a015c8bf-37cb-49c3-a4...

170 B
188 B

63ms
63ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQEjRafn1y4g50Cy-YZUcJiJOUimgzn27C9266YdIjX7Er968Qf7ma0HSXSUFQoT-fI-YF1Gh2G67zXAxd0HgUcnHwDynla&google_hm=a015c8bf-37cb-49c3-a403-d7f60179eb82

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-95
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQEjRafn1y4g50Cy-YZUcJiJOUimgzn27C9266YdIjX7Er968Qf7ma0HSXSUFQoT-fI-YF1Gh2G67zXAxd0HgUcnHwDynla&google_hm=a015c8bf-37cb-49c3-a403-d7f60179eb82
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 146C
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEFLxQDcnCVlnwQQEeEywfAY&google_cver=1&google_push=AXcoOmS6SaP_yjdb5MLzEb0UpFTZIf1slWDh14XvaikB7d1u17k8WPdEfgkr3_pyyHV6OOUvzCHJJ_TJ20UIgy6Ypv61YnCtonEF
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS6SaP_yjdb5MLzEb0UpFTZIf1slWDh14XvaikB7d1u17k8WPdEfgkr3_pyyHV6OOUvzCHJJ_TJ20UIgy6Ypv61YnCtonEF&google_hm=M3pjY1ZoaE5OcmhKRmJv...

170 B
188 B

63ms
63ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS6SaP_yjdb5MLzEb0UpFTZIf1slWDh14XvaikB7d1u17k8WPdEfgkr3_pyyHV6OOUvzCHJJ_TJ20UIgy6Ypv61YnCtonEF&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS6SaP_yjdb5MLzEb0UpFTZIf1slWDh14XvaikB7d1u17k8WPdEfgkr3_pyyHV6OOUvzCHJJ_TJ20UIgy6Ypv61YnCtonEF&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 146C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma3
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJ...

170 B
188 B

60ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma3

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmQgl7rpjluNL_UK8JQBScvCxMrnOnsSx48b8AhNCCrBY5xfN_hJuwbO4nrc2mZRszQqXMqcDai0mlE6tCBcDJJ5lu7v3Ma3
date: Mon, 04 Dec 2023 05:18:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 146C 0
35 B 129ms
29ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmSwLrij1gkz_QoSu5vr7_wyFdu30seFd4AjWbJKgzwXl-puYxWokXk8_tGqPFwStAxcUI4PrulYmW7i9mFvaNTfcWREoqZXdg
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 146C 0
12 B 59ms
59ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iew2yAiGDurmPxxsUY0tzBflq1lll2OIgqJDcfIg2wt-_7IsHsZN4TCy2PP_GEVIZqSQeSNA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame E624 49 B
493 B 478ms
172ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: jQVRpSIXM1hilrFJk2-fdc0e49rSsDUJ7KnJ4lP6C7Xv_GTAsBGV7w==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 334ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c501b2c4-b5c5-ebce-98e6-d19a0e081d96

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E624 133 B
569 B 302ms
125ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 3ecce84f51607f85b8f43d0dd6dbaf22feb4f747eba4259b8090c6a4635e64b1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=672f35b5d99385a2eb92a25b30295bdd3586fea9dd99d9c67e033468459d4470
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 79b9b2f4f1393f0a35223b2599f00d5295aebc7e68095d727ccd496e58265e3a
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d85ee898-ba14-e974-85b9-8bc629156ca7
Content-Length: 133
x-amz-id-2: DW75ZLTwR+4XAZQr26wj/90mCrTl6GrM3dF+N8N2Y60Tp78ZOm1G5d5nS2gljKdPSN9JMyZbrAgscTq6tF76qPna1/ZILJXk
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame B35B 0
0 53ms
53ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 330ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: e14fec0a-cd3f-0723-bca8-8f54ad94e0b7

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame E624 208 KB
61 KB 32ms
31ms XHR
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 06:25:39 GMT
x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 82364
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: jmfjtPqBFF7yVN-gCKY0esniHBJXC5GnSRijt6HMNEZ-3W8O76mUDA==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E624 133 B
569 B 348ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: ac0616bffea261c865d269d5828615bbb5a45c092db52396457c1bacd647282e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=be5e2ee0cd35d2c792c482bd6af89401101dad3c906dde42a0e25124e6bfddb3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 12514bd7dea72e3c950b763561a4ce09ba3c9789c363c731908258aa1b602a81
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d1fd1faa-c4bf-c5cc-8c1a-7cf4a4142258
Content-Length: 133
x-amz-id-2: xPDiWw5BKLy1tpUuA7FX4QEzpihXDiN4EdS5oz8AksofFKQDDC5Ys8YU/2ThQVxPfjmUurKt6Hr+IRL5kTGfdsHqmmoAHWPV
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 4272 49 B
493 B 438ms
168ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: R4PsF6NpT0Hz2GTyQ_Rb8gVqn71snYQL3ysPqId2UxfyvrkREhc1dQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 325ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c393fb0a-4be6-8dca-9e74-9854a2292618

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4272 133 B
569 B 386ms
159ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 5a568d568719c81b59d1b5a1217e1ebf709a44621d0a733f1a6d7282f8d36b7c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2760fbf0db4da7f1ee6e01b1dd688d94a1b0329518a5684207edea2bb3e30d70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: cf82a60fdd11080d184bbfe5aabfc443b2bb4516f19fd9858478a7a94a2d4fd2
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c8e66585-f9ba-910d-9501-06db10753adf
Content-Length: 133
x-amz-id-2: FbyAcT/a2+SyGSBYd3dfOkqCuPsUpZ4yEDs8d0FcQNQeifSy17jkdewYIjYbQkJjl3hAA8BKGHfLvHHqT4Dc3/BqSduSlH8a
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 8981 0
0 54ms
54ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 319ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: fc796d4f-1ea8-a47b-a19e-0e118da921a8

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 4272 208 KB
61 KB 29ms
29ms XHR
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 06:25:39 GMT
x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 82364
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: liWcisQqI_Xr_hcHiCNUQk8TLIiyDYUNNcJ7_ujwHa7G1pE9zKW9bA==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4272 133 B
569 B 350ms
115ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: c7197ac11a25886b41feae687bf038b7396048a4cd44b261b0fc2281b0952a6a

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=796e6f7bb8b1374bec2f88445308bdd5a0dfea0985d191bb1368ad597bc5f7be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: dd45db4c787310851a6fa2f8bb76e7f38df6eeddee6beff2e887c9a728c4398a
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: fb2ad401-2981-c553-a6cd-b75f924c330b
Content-Length: 133
x-amz-id-2: S8rv1P2yT32JeUipMmgxURlnhe8j0fRLGkbk89nv7L/m2aZybXfG+y8CM+KOQV7NtxlpPTyhDYpAwEdCXHEjMn2D/ewyIgYI
Content-Type: application/x-amz-json-1.1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 4141 170 B
188 B 64ms
64ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjK4fj_ATAB&v=APEucNWp65aovdv-zU1nERpAnw1G_oz7TRzMs4-OMo108fcioxpwmivzFvbdvNUMaVhK9lxfoKCUuVxVvSiRwtCPdFoPm1VEhQ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4141
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1

43 B
540 B

50ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjK4fj_ATAB&v=APEucNWp65aovdv-zU1nERpAnw1G_oz7TRzMs4-OMo108fcioxpwmivzFvbdvNUMaVhK9lxfoKCUuVxVvSiRwtCPdFoPm1VEhQ
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsP4pp4w9IudMwuYUFzEtTlp59JBndiA%2B3%2Faa0ifAJ5BK%2FCf51rapP6Za2es1wsiAwNF02tLL3gE5DQDJ1gwsus9L%2BWid%2Fi%2BlpJm%2FOLctZhRooHEUbPlFYrqKVVIqBA%2Btp4srX89ydhTmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8301969d796501e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4141
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW1hHilwAW4n0FA5a6txPwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1

43 B
731 B

53ms
53ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjK4fj_ATAB&v=APEucNWp65aovdv-zU1nERpAnw1G_oz7TRzMs4-OMo108fcioxpwmivzFvbdvNUMaVhK9lxfoKCUuVxVvSiRwtCPdFoPm1VEhQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dsOqa3QSk7HbH1ewoxudA9zBUUpgzx8UgHle17Zg2fPoJoHn6EgXiNhCOqE8zCXfcFAwKUuHYnP814IXan%2BRV7AZBcrgMc76lL9Wz3klPz3ZRIn4z6kx2hCpywO%2FFLlAX52Nhz2YprMZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8301969e48a00200-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB7BhK2tQiCSXiqlAWD0ZhA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DEC
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTJtY...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTJtYUbQRYCWrFEoH7pFcAA3bKJM7h4VT-S0mxFUwTBnxg8gfsivbyVfRSc0p-LE9qEPQlKY12cc1TA...

170 B
188 B

64ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTJtYUbQRYCWrFEoH7pFcAA3bKJM7h4VT-S0mxFUwTBnxg8gfsivbyVfRSc0p-LE9qEPQlKY12cc1TAmWTLHGaKalG1Omlv

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTJtYUbQRYCWrFEoH7pFcAA3bKJM7h4VT-S0mxFUwTBnxg8gfsivbyVfRSc0p-LE9qEPQlKY12cc1TAmWTLHGaKalG1Omlv
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 774846
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DEC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmQkQeu4TH-HyPxylxPHNjGJ38fuaYVq5jwTQLDK4uOwetP9px6mVFJxq0vCLGOIC2ZYL1CvvmD5lKY1Eut...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQkQeu4TH-HyPxylxPHNjGJ38fuaYVq5jwTQLDK4uOwetP9px6mVFJxq0vCLGOIC2ZYL1CvvmD5lKY1Eu...

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQkQeu4TH-HyPxylxPHNjGJ38fuaYVq5jwTQLDK4uOwetP9px6mVFJxq0vCLGOIC2ZYL1CvvmD5lKY1Eut64nwgZHeg358

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmQkQeu4TH-HyPxylxPHNjGJ38fuaYVq5jwTQLDK4uOwetP9px6mVFJxq0vCLGOIC2ZYL1CvvmD5lKY1Eut64nwgZHeg358
Date: Mon, 04 Dec 2023 05:18:22 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DEC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmT9l8_lKo50j_nqoni9BrZSkaaY87kBj...

170 B
188 B

67ms
66ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmT9l8_lKo50j_nqoni9BrZSkaaY87kBjUKnJdt-9xIHJer8Ke46r99RHC4KkNrBypAxrXQm5tmCsZq63rcvA6p-OWs0xyw

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akKgN8R%2FDlKu%2F8QelkBdjjQZkHVfRD%2BIw89bQEpGIq5zUbxUFuEDUs0wVRyCFLXmYw1yoBrbiaUUCxKh70KaesYE9Uif863qQO0xIC01rFMUHj%2BPkttB9Uw6uuIO6xaHB6YhalJbnHSalw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmT9l8_lKo50j_nqoni9BrZSkaaY87kBjUKnJdt-9xIHJer8Ke46r99RHC4KkNrBypAxrXQm5tmCsZq63rcvA6p-OWs0xyw
cache-control: no-cache
cf-ray: 8301969ca84b01e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DEC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmRXXVCORDr_YIn_RgD6KTwjCI3rL4Z0peoEWTeYrPitd8aAR5V9fTeM7TuyfrYLyH5EwUG7_ffoSJnWAzBcR...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXXVCORDr_YIn_RgD6KTwjCI3rL4Z0peoEWTeYrPitd8aAR5V9fTeM7TuyfrYLyH5EwUG7_ffoSJnWAzBcRJU6J__aQZo&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

170 B
188 B

64ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXXVCORDr_YIn_RgD6KTwjCI3rL4Z0peoEWTeYrPitd8aAR5V9fTeM7TuyfrYLyH5EwUG7_ffoSJnWAzBcRJU6J__aQZo&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2023 05:18:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXXVCORDr_YIn_RgD6KTwjCI3rL4Z0peoEWTeYrPitd8aAR5V9fTeM7TuyfrYLyH5EwUG7_ffoSJnWAzBcRJU6J__aQZo&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DEC
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEFLxQDcnCVlnwQQEeEywfAY&google_cver=1&google_push=AXcoOmR30kP-VzHnIawb4Mwrcr8zYDCmbR3lLTjYdq5WiHBNqlleMBdWj19r4qz8w_VqkFsR6CwE4pH0qEBuTIx-lYMWoIrqv8tT
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmR30kP-VzHnIawb4Mwrcr8zYDCmbR3lLTjYdq5WiHBNqlleMBdWj19r4qz8w_VqkFsR6CwE4pH0qEBuTIx-lYMWoIrqv8tT&google_hm=M3pjY1ZoaE5OcmhKRmJv...

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmR30kP-VzHnIawb4Mwrcr8zYDCmbR3lLTjYdq5WiHBNqlleMBdWj19r4qz8w_VqkFsR6CwE4pH0qEBuTIx-lYMWoIrqv8tT&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmR30kP-VzHnIawb4Mwrcr8zYDCmbR3lLTjYdq5WiHBNqlleMBdWj19r4qz8w_VqkFsR6CwE4pH0qEBuTIx-lYMWoIrqv8tT&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DEC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTPaeYTsDzMnOmRMV28g...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTPaeYTsDzMnOmRMV28gzPyqLaIpPGERIMSH2nkkB2X1usWyYDBWu_50HyG6L4eV-akmJseLbI5XVkFScF3_Yap9M4zboum&google_hm=AyfTXU24ak-VnNQ_62z-ViY

170 B
188 B

70ms
70ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTPaeYTsDzMnOmRMV28gzPyqLaIpPGERIMSH2nkkB2X1usWyYDBWu_50HyG6L4eV-akmJseLbI5XVkFScF3_Yap9M4zboum&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTPaeYTsDzMnOmRMV28gzPyqLaIpPGERIMSH2nkkB2X1usWyYDBWu_50HyG6L4eV-akmJseLbI5XVkFScF3_Yap9M4zboum&google_hm=AyfTXU24ak-VnNQ_62z-ViY
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX27d35d4db86a4f959cd43feb6cfe5626003
content-type: text/html

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 7DEC 0
34 B 62ms
30ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmTsJtgnwTSbCCHXzK-NRj1qhIV6WBYUPHW5gwiWb66VHVXOqfly5QY1BhOsROZqhVuanAFiVSgBohjiawrpz7_c6gU_vFN6AA
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7DEC 0
12 B 60ms
60ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJEauiAu98w14bhUfX6FCX7iHcj20P_RmMBVsRrXqByF4wiwK6KYF_LOJJG6cfmx3ksE7HUA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4233 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9596596616174&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4233 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9596596616174&version=m202309260101&ct=77&x=1&cor=9273640875439356000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4233 34 KB
20 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0lGXhis55nkkbWUEJ345YAw5_F_vj2sZ-Aa_6uNoOccxkueGRr9wCPvEbqlXF-Z2-gswp7v5hDPEG0lJ2j9WUkgq5AREh2n2bST-IGwuiJ2EPbYgEr5kXtvybGRvE-sGe1SB8ufCbKVQ4_lsqkxp0h9RB0AFEWSeV9RFnxm688OmMl1Y&cry=1&dbm_d=AKAmf-BOXGZzE2rdxDDvOxWSPpWP6g9Jj51rjYA3YkIH4ppvN-0JapKqtLsqlDwkiA3dS9vS6tYq7WjDhs2AlOSE8EzOiLDFhLfFcS1bzJamLNAi83oZBQVPpIUXRrX9EtyLkpeaA3Qvz344MHe0zdTAkqEM9xNuscqX_XUHHLImwrAgNKIEtPY3iYvrgd8_njIJMAG9cG_HQrNbmwUfON_SuYVi6gigr7FyquevmS5Ob0ztN7XkQHADr1Gtlv9SyKtCZ4t0zhGBryOIwC9lgAp7QyyDkYsRrEveO0vqJaDFA5ZVs40k213MAo1YNPJ2rsZOdLRBBy9jiLVnw17f7eQ0t4u-kgXP-DwQdJIud0Lh_cc9Pq1DA31QpAuoaNu0U0ee8KdQqZ1HgpNop-PeWkTyGd9g1U9Upadq7izycbxfTY0DQOXZYf8tDNr3y2eQQyfi3P0t44DdMdlLsznzEuRuIvWf_KyG3KNRaI4M1qTp4Oj89GyO2-tCGzrDATKp8Iod3hL92jVzD6kKS4rEtYWauVo4njR4HECqasF5hRIfeGFjjdigogpjRqMnNZUqBXr233mWhG76V8HPgli92MsAp8kf_hou1ic_blopRFgCseGnHTivpLbZ-MOsDQsSJRgESd290ULVXl6GUT-G7qUwcKrxoQFSdMhpBW6BUiv4HU0Lg5_PVdurHoloT5fwkO2y7mysgrfuhU5YL41Z5EHoQIaGcCoHzGBA7woTh25ATF4QwWzBAtxVpPmCGkOYKEXupwqKokM4JuT3ZcyThY49Ds2YElf1A4en7H8oC_cUsUd3nLR3CU_vkMZc4PLa2twi5o4Vwd9SlMLhCsHiFciBQ2GjxoSDDXzM6kCOEoTmZ5ur_rtCgLNywvV_2yF3U4_NVUNc54yODD-HqnSvqsOz0QaY8dXNDBKjxNRwDR494vhLzpQ86YL-VBhva7XBbWrODarlmQWY54Nx2fM2rYYWFf_tPkNAFT0glWtYgd4VimwISAMVxH9J5CZq89-ycqx3t4qceojUiTLt1D8wC8VbrSTB-3ID7-koP0cbd5RONbPdFFAcLXh8ag23SBG2ILJ5wIXNytJPDnFHIOHftEiEAueAL6b8LFd8SIcQINkgHQtZNU1X_L8eNTg6-t_49HI5f8lDibGe_d4DtPyyHrPJ4UIBO00_WFE0gO7tVW_Gw2hnGE7RXGr7fJ-MDOHm5F0rpV5P7PIDySIzdtKsL-s0ibImrLKgSRw3m7QMFrxo6CVX5j4LjgxWHlnZOLWgcj-5LEt25OIlsUQWGkkbXAqycJlLTSNqdXnuBXCttvZfnuE3cL5ueVVWNbiueKp6hSvjN6gKLqwsFHvSIXUXsLvKWGDh5LOaeiQJv1PlMVZzHmqgDkZBiOiSea947vN6y1jZQFaY7qOEPeGZGRRMQdWRUAc3-x95fR9Mx4tPTGIolJcw8w_95BoY_VFYJ-2ssTXc_oFm4RojNk-IMrnpXSrTdaB2FKdSz8bQRiVuFe4_e_M5KGYRK7O-E7sigDz6mVQnw1dY-KeaTR0nWK7MQ3G8bpJCUWgnHylpNRHkhdpcVvqq8onPYBXtwn4FyzxzDdyar_TKBW17QhslN4cIkb-UmYQAWHzLNRz0ueqiC4aucMFDpi-CniJIjIsIyFW3vimPgH_kWK1Nygmkzgw7GYb0w1h2pzwd5ImpvtEyv3Rx7LFDon2XfNrZVW9aM5oo91bhF040nY85cgaTKiPZMQPhdblnovU8x5oCiHfctfWwn7ayIEutx3Yu-aAh7oP9130oI1NGIS0o7fieX4--brz2eoBFRxizgqADDOopUAc_zP4ejH_3bTt5Yy7WI-R61VJfkaZQXEHeN67yblcfPZedYdI6cGaGr3LToOP-n_XI1a1abwnUVy0Wz3PUYwo8egFe2xmK3jQmqFcVW4jZh62X87Xfa5qNDv1g7Nmp_6SAdgW-CCmSVhXULAONON0OUao7QvjPhrBv-UNc237CKDzLBv5Jlnkgeu-w26ubtvXlcn4ejccr6HpcxyDykBj7ha5UVHiO-I19Mx6Wh7pb2FBLRrD41i34N6AZedoelitM6_hbyKx_27X_DzBh1TOEXgOWbm9vrX-Qb_a9smaOuWrh3NFgSYMn1XnQWs3g_ybnM_9KDTw5vL2Rtnjed4sevrUV5Q1zp981OpZhmq8YhuRnEZs5PTt__jzkEPQK0DiChi9rA8vJuaGLsQlBXEavvP19HoaF6KfgKkfNqo42DRGPdodJsGQeOPGDOyn1Iu7JgdG4kF87EoW0hAtlBlKV_9mlIWhag0Fo0JbqG8E84PyiWpAxT1Fy8hNVgfd4MUqq4--r2WrG6FZZ3VDbIeAruzqjjuWNqQ6JUxBywWqOD_LoHHQrvuXUCpyhIK64sfBP-KJyVWurWkgvt3OvdsnIUTM6z-_Bf8WePfLx5KZAeu8z95yvLKZJFlXDhOqwsLflupuShdX2Tizu963PNSpvambsgPqgYfNoqUzf9hFilkZqUdD9L9aBfoH-uQX6edN5lp5WvUv3qMPh4JVWmsESKN7yx1pC3Uq46X-4jGLmTZVf3H5s_Ur0zUErGT7sn1oxHMu6DRueDCGXxlyjGpdHWDTarwqLgJEmXwE8RNnx-mwkgujyjjmoOYKPfxjYS8s88l6cOAOJr4jSZ-SfhAwfteKi7JRvMTIX67nIt5iPchMto3g92hywfgikngJHEhh8CJNzLkX9oLE2ELxzNBzzyAuH74UdotSW02W1BXmt-dEViEZP3zlO0tjrb2lY51Pbcpu31mF5DE0SZ8LlZjQAmOHNfjIKiW73PtqfLDV8CM8--7N5_-6EcgO7psl2ceHFv10ZT7VBWu01gQVK7yCEgWRWSlNA56Jw1QRFB5kAuwhJD-13r0KjElrP-lU9VCM2G7LZHjQ5NPpRULAgACBRiL5KoipKYImyBbmbnlIgKuM73RrM3W1daHyB-HV6uTm2vKjFADbpIx-ipBfE37OqV65GObEHKUHeJu4sk6b0IXWYEtortOagJpDdfhcK_0KKS6dR2A1HmTULoVmYbpujBJw8LXH5DAAoGGhFon52NTORAZbnTElSs73Zq36qMdNHNAgiBVaS2V7H6E-gUbz5x2ZokJYoP9n8XemQAZ80uWgsfdVZfFmJ_h8c9wjjH2CgVvXixI5jgPvBNasj7o9GqipxGeBb478qYmMTZXRO6s43ekgG4xF_BPFCeyKqkM9K4WKEoCS951RPoHXy9Yhj5EH62CKqcNE-MTrZIAbTfiYIwW9Uy5PYDVB_GWtl2ok1XqkVT66ni8cZpYlilz5VZg1OUESYBoyib7bBJaT7gNmEtVpFTnq7_sDBekhiYFLnHBKw1ywQijmW4URSZRMatLPQVPkNgnQ1cobmXu5kIouUf_9hIQ3PlnFQZYKnseHgSNFyHEphcW0F5wJtGee2SYR6v0WtD7O1Ag-Vf6Ekjq-0CSbArb5H4nJjI0EsVOVFzYt-q22MlMdKFefSUYmyjsaIPfYcvNBGhq78HB_Vf3mzyBKE3B4UsjVlnTV-_SsRUP4nVn5LvDaC0nQBj316eYeUqddDn_Gvk6FXxdMUkezKE1lrp9ibdki-0UWmNgMTb2XKVHKl27jBSO2HeSfBRHHdq5St2lgkvivoggLF8ApA--w2qC0om57fFMkL8EwqZrG8rhed2X349lRG-GiNND9LcIol-Nz13mIAXznuQL8XvM8PXLKAdgq17Na7Yb2g6BeuXqBXiPuyhjyW67hg6UOulHnbiQNJOv1As9usdWkZOUQlISkkaYF0mjtYFVJawYtM3M4Kq0Gy6BkSoOKmrX1AVAORWP3J&cid=CAQSPADICaaNXxgMCgnmuSVQZgTAi0GsZPDIAHk_91Mwc4prGAQDYfmyKyjv3YeYVkGMvB9i4G20L2SbqiTSuRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=9273640875439356000&adk=2004672170&idt=78&cac=0&dtd=11

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b406adffe6d2119f394b2c2752e0229e0a9c065238b1f6561419c543217d0b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19921
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9EF4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42b51f770fea56c8f23a535669b11fbe783dcd5172fe7c361eb1f962f384d0b6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C190
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPy7IsM_Hy6hiRG9bZY4LjE&google_cver=1&google_push=AXcoOmSHmFD_mBuuWpI9vFaUF4RoT93l_obNacM03rqw-6hwGpErMXZbUiK8IRe0u2aFOIosYwRi6vfixMYbTyJP1aYvnNa...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHmFD_mBuuWpI9vFaUF4RoT93l_obNacM03rqw-6hwGpErMXZbUiK8IRe0u2aFOIosYwRi6vfixMYbTyJP1aYvnNa23NCn&google_hm=eS1xUFZPelFWRTJwRkNfdW...

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHmFD_mBuuWpI9vFaUF4RoT93l_obNacM03rqw-6hwGpErMXZbUiK8IRe0u2aFOIosYwRi6vfixMYbTyJP1aYvnNa23NCn&google_hm=eS1xUFZPelFWRTJwRkNfdWVuZGZSek85MUdpbExrSkU4Sn5B

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 05:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSHmFD_mBuuWpI9vFaUF4RoT93l_obNacM03rqw-6hwGpErMXZbUiK8IRe0u2aFOIosYwRi6vfixMYbTyJP1aYvnNa23NCn&google_hm=eS1xUFZPelFWRTJwRkNfdWVuZGZSek85MUdpbExrSkU4Sn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C190
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRoDi...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmRoDibNLF54yayqkf8J5S48xqP1vccedVJTn0azilb76X24YPCgadVsKV-G0_MH-qNm0xbpMUfAZvpc...

170 B
188 B

64ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmRoDibNLF54yayqkf8J5S48xqP1vccedVJTn0azilb76X24YPCgadVsKV-G0_MH-qNm0xbpMUfAZvpcTk2UF5vkej3WB4Rx

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmRoDibNLF54yayqkf8J5S48xqP1vccedVJTn0azilb76X24YPCgadVsKV-G0_MH-qNm0xbpMUfAZvpcTk2UF5vkej3WB4Rx
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 566832
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C190
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eJtEHAPUQJ69TWO9vHLbZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eJtEHAPUQJ69TWO9vHLbZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSsDDTBe-zigXDhHc-UM1p9Ilkeo4EBLVVoXzI9uY-2W9uWKcw_SOtYYP-g_oQ3sEfGDDusc4-2pTUQ6kdCEv-C8prOLYE

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eJtEHAPUQJ69TWO9vHLbZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSsDDTBe-zigXDhHc-UM1p9Ilkeo4EBLVVoXzI9uY-2W9uWKcw_SOtYYP-g_oQ3sEfGDDusc4-2pTUQ6kdCEv-C8prOLYE
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C190
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmSsZ05Ryr6Ii57L7SplF4Fgo5l_DEvch...

170 B
188 B

67ms
67ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmSsZ05Ryr6Ii57L7SplF4Fgo5l_DEvchlFEmUDb4JA4FdtddwM5ZHoRvJ2Fky1GavZq8p-8-RSQjm2Nj2fdX6SM87LcP5w

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BVYNKKv2fPnSqge0WjBCLr0ekZGIjD9DyQQhzlBntK5EyXu%2F8rWALlkTws%2FNk6nquc3%2Bhq5kJG8y%2F63tTcWSASVe%2Bo3mY6nIwfiDre0nSJ2uICzMAFHqLS0tDj9R%2Bep4qdvpUroz1Rw9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELXxlOs9ZsGNXC5Fa4ZWKZI&google_hm=ZW1hHilwAW4n0FA5a6txPwAAFKMAAAAB&google_nid=index&google_push=AXcoOmSsZ05Ryr6Ii57L7SplF4Fgo5l_DEvchlFEmUDb4JA4FdtddwM5ZHoRvJ2Fky1GavZq8p-8-RSQjm2Nj2fdX6SM87LcP5w
cache-control: no-cache
cf-ray: 8301969d6f500200-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C190
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmTbECrFUqY-HHMKgSjbj1yqD3nF4TtVziYAyhwvEV7kZ8i-k3WPJDENp7RIcDnZ9DeQyWeCW9oPVRGHhJmpt...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTbECrFUqY-HHMKgSjbj1yqD3nF4TtVziYAyhwvEV7kZ8i-k3WPJDENp7RIcDnZ9DeQyWeCW9oPVRGHhJmptTR562qHkgAZ&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

170 B
188 B

68ms
68ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTbECrFUqY-HHMKgSjbj1yqD3nF4TtVziYAyhwvEV7kZ8i-k3WPJDENp7RIcDnZ9DeQyWeCW9oPVRGHhJmptTR562qHkgAZ&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2023 05:18:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTbECrFUqY-HHMKgSjbj1yqD3nF4TtVziYAyhwvEV7kZ8i-k3WPJDENp7RIcDnZ9DeQyWeCW9oPVRGHhJmptTR562qHkgAZ&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C190
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQixfyIQEt0XyS1vZlm1...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQixfyIQEt0XyS1vZlm1XMCIpiQlxOPd04k0G7ptKqD4SKEq4tLEVjOzSwOrKTc3eMm3X_3QxV2X0B8oLRLzvj0dnfuncc&google_hm=AyfTXU24ak-VnNQ_62z-ViY

170 B
188 B

70ms
70ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQixfyIQEt0XyS1vZlm1XMCIpiQlxOPd04k0G7ptKqD4SKEq4tLEVjOzSwOrKTc3eMm3X_3QxV2X0B8oLRLzvj0dnfuncc&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQixfyIQEt0XyS1vZlm1XMCIpiQlxOPd04k0G7ptKqD4SKEq4tLEVjOzSwOrKTc3eMm3X_3QxV2X0B8oLRLzvj0dnfuncc&google_hm=AyfTXU24ak-VnNQ_62z-ViY
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX27d35d4db86a4f959cd43feb6cfe5626003
content-type: text/html

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame C190 0
34 B 41ms
29ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmTsu8Rxi2PqCEiFoBIbucIF6_ZEQyvxYlaJgtGGfUJf9grm3w0rkwtxVxZp5QoqAeaBV9bJpPWqMJ9cTOvFnGXaqjK-k-z_EQ
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C190 0
12 B 60ms
59ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_H64gtPIT3Ak3RhlaNP3_dSjj7fOT4hW5KwSjDJQnY661RWAdYYT9gRqMTuhuuw9wyaeR5Q

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 4437 49 B
493 B 398ms
171ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: u3YPT0ndR1QGIwX0LL6zoyGYL6pLmu01cleyYnABzUsqyCdCm6QuAw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 293ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f75f3290-3de7-9fd8-aab8-51ce8f7972a6

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4437 133 B
569 B 348ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 46ae9a9e8b29ad04aee83a42b9f227dd212149055bc42e600af291ca72ee4e75

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8c7781ed7c404e13f3af900a5c051c8a6dc87b20704b45bdc957b8e37cc0ac2b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 3341311a1518cb2c84c1a61dcffcc54f59c66ceb6d536721f4688217af506567
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: e9b1adf8-d817-cc05-b456-cea66f6dc196
Content-Length: 133
x-amz-id-2: 5aIf7CiFiq0O5gdCJWYnE4aNlZW0rX0OOECn2NaMUcBsLC8wzkohJaBdSMOjDSarP0V+lKTQfJFOiCM1b4atV9E85jW+oFY1
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 8C34 0
0 54ms
53ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 4437 208 KB
61 KB 30ms
30ms XHR
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 06:25:39 GMT
x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 82364
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: 2hvZtzaeAKVaWcLT2LuWlX3o0KfwQMQwMwwu0CtX86D8s1-2acC1jw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 294ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d1e220c6-167c-56e9-8c05-4398a1065b7a

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4437 133 B
569 B 342ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: d83d69490b396f0951cb61c01068348ed88bcc06f099242e6e554f5dd9eaf1f6

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cab71a6dde40695f3a90d4a3a586c413b80fa74e855075e8a56dc0997d1b0a0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 64ac3b8189c379133a5bbfa7007bad45eaaa88bebd42856ba224bcf0e0007e5f
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: ddb641a6-687e-96d7-8051-22f8dae07ba9
Content-Length: 133
x-amz-id-2: BOcduPVG3T3EjJ69X6QqVTZ9n6sYBtad+wQSpCu2uB+VVQyq7JOljwTkEky64LWltwWSvUTtCaGOTRfnDLzl6M0+5S0pZoCR
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 52E0 49 B
494 B 382ms
170ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: WrgpwFp4iRf9YN5AQyT6sHWXWCMjTqprHuKAfXCtLPfLWC97ji0L8g==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 380ms
118ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: cfabaefe-8830-5633-924c-cda033fda06b

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 52E0 133 B
569 B 362ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: fc224d3011797e57d3347c2634fb65febbd148d567e888bcca566026ed314fab

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a59376d55b045e557206274d48dfe6b488cea5a9233578c01912deb8a59981c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9fb72c5abd412a19a7c74f463f84a49e087cf4331e8d7d065ce310e221691984
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d3ba5e21-7d28-09a5-8e5d-3d7fca520436
Content-Length: 133
x-amz-id-2: 0JUM23X4/mQ/seRYSoPwEOATdBkntEhyNtu1V7jeM8TGKraZjQHYfR8h0facE+SvAZjKctRJeLppncuBbjnEcBYyNQfVkAtT
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 2147 0
0 53ms
53ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 372ms
115ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f6c9a087-5883-2438-ab2e-c3d93828c3ac

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 52E0 208 KB
61 KB 29ms
29ms XHR
application/javascript 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 06:25:39 GMT
x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 82364
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: waKcgmAcjTJgVapbBjWQmOlrNY4UeB8MbkTph5NRJNauWUjNYQvOyQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 52E0 133 B
569 B 364ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 371bea793a961498f152f362a5687ecb34a830a9371cef347b8078e842f3b7f9

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=97880c135180c1da7e5885e94c1955f21b872a1b408b1a7173f8a3a50a0cae75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 632985eb8ac44c4327ce4841bf9c3acbace8a9373ad2fd2ff27e7778a9b327c8
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: ee906b2e-393b-db23-b377-08708ba5365d
Content-Length: 133
x-amz-id-2: xPMseNZK3b4IiGQ4csZ35DrUa47A08s5CZsudny1PTDGmUJk3Cko8wI2+d+NpNOGdJwiX2hQdvQM7ojWvL6ehbI8LIMPcxCc
Content-Type: application/x-amz-json-1.1

GET rmpssp
sync.1rx.io/usersync2/ Frame E74A 0
0

GET pixel
cm.g.doubleclick.net/ Frame E74A 0
0

GET receive
pixel.tapad.com/idsync/ex/ Frame E74A 0
0

GET pixel
cm.g.doubleclick.net/ Frame E74A 0
0

GET getuid
ib.adnxs.com/ Frame E74A 0
0

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E74A 0
0

GET rtset
bh.contextweb.com/bh/ Frame E74A 0
0

GET ImgSync
image8.pubmatic.com/AdServer/ Frame E74A 0
0

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame E74A 0
0

GET sync
ups.analytics.yahoo.com/ups/58529/ Frame E74A 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame E74A 0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame E74A 0
0

GET sync
sync.srv.stackadapt.com/ Frame E74A 0
0

GET current
yieldmo-match.dotomi.com/match/bounce/ Frame E74A 0
0

GET sync
x.bidswitch.net/ Frame E74A 0
0

GET cm
u.openx.net/w/1.0/ Frame E74A 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame E74A 0
0

GET cookiesync
bttrack.com/pixel/ Frame E74A 0
0

GET cksync.php
contextual.media.net/ Frame E74A 0
0

GET /
b1sync.zemanta.com/usersync/yieldmo/ Frame E74A 0
0

GET 397286.gif
idsync.rlcdn.com/ Frame E74A 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame E74A 0
0

GET pixel
cm.g.doubleclick.net/ Frame E74A 0
0

GET sync
rtb.mfadsrvr.com/ Frame E74A 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame E74A 0
0

GET g.pixel
aa.agkn.com/adscores/ Frame E74A 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame E74A 0
0

GET /
csync.loopme.me/ Frame E74A 0
0

GET match
c1.adform.net/serving/cookie/ Frame E74A 0
0

GET 26980
stags.bluekai.com/site/ Frame E74A 0
0

GET psync
xsync.iqzone.com/ Frame E74A 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6389
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOTM0jG7fKuy7iCCfWa_WOc&google_cver=1&google_push=AXcoOmSV45bHpnLsrO62fPdb1_-P2YtMkucCrL9Docm3jRqj7vDhwjVgBb...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSV45bHpnLsrO62fPdb1_-P2YtMkucCrL9Docm3jRqj7vDhwjVgBbm_BapvVxdoGyOsCLsrbmc3WjRVrzA1y5bkbTYXtyOq&google_hm=zYnYEW...

170 B
188 B

65ms
65ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSV45bHpnLsrO62fPdb1_-P2YtMkucCrL9Docm3jRqj7vDhwjVgBbm_BapvVxdoGyOsCLsrbmc3WjRVrzA1y5bkbTYXtyOq&google_hm=zYnYEWuxekNHBHanWAJtPA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmSV45bHpnLsrO62fPdb1_-P2YtMkucCrL9Docm3jRqj7vDhwjVgBbm_BapvVxdoGyOsCLsrbmc3WjRVrzA1y5bkbTYXtyOq&google_hm=zYnYEWuxekNHBHanWAJtPA
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6389
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPSLyiSo3UTTIZeyBFO46W8&google_cver=1&google_push=AXcoOmTzXcHYXHXdH4pnRMctoq3V-VYLKX2XPdaUqJUfJQlLmiII4Ir03PZ-ZTKzU9-b2ldEllqRrDBvGjiwlhTAbpdF4ZeZiOk
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6389
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPy7IsM_Hy6hiRG9bZY4LjE&google_cver=1&google_push=AXcoOmTgBerW0FVKHFkVdS6YlXACEQ_RfQctW0xQDThO6yKUXRgXWLqAcXVNBms8gENl5HKLA9NPubu8eNuGgSvgzGsL6sm...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgBerW0FVKHFkVdS6YlXACEQ_RfQctW0xQDThO6yKUXRgXWLqAcXVNBms8gENl5HKLA9NPubu8eNuGgSvgzGsL6sm0Fopo&google_hm=eS1XTTRWUHlsRTJwRThOZ0...

170 B
188 B

69ms
69ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgBerW0FVKHFkVdS6YlXACEQ_RfQctW0xQDThO6yKUXRgXWLqAcXVNBms8gENl5HKLA9NPubu8eNuGgSvgzGsL6sm0Fopo&google_hm=eS1XTTRWUHlsRTJwRThOZ0Y4OEZia0hyRGp4Z2RUUVNqRn5B

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 05:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTgBerW0FVKHFkVdS6YlXACEQ_RfQctW0xQDThO6yKUXRgXWLqAcXVNBms8gENl5HKLA9NPubu8eNuGgSvgzGsL6sm0Fopo&google_hm=eS1XTTRWUHlsRTJwRThOZ0Y4OEZia0hyRGp4Z2RUUVNqRn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6389
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmTI7xgJHhEEudKE0e1jkCrOOwIFtv1IgC5Bp7K9YzHntXwfYhd9m0pHAVig3U9S_in2ZrWbNRcfGGwAGM6...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmTI7xgJHhEEudKE0e1jkCrOOwIFtv1IgC5Bp7K9YzHntXwfYhd9m0pHAVig3U9S_in2ZrWbNRcfGGwAGM...

170 B
188 B

62ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmTI7xgJHhEEudKE0e1jkCrOOwIFtv1IgC5Bp7K9YzHntXwfYhd9m0pHAVig3U9S_in2ZrWbNRcfGGwAGM6VosYR0YdHmgCC

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmTI7xgJHhEEudKE0e1jkCrOOwIFtv1IgC5Bp7K9YzHntXwfYhd9m0pHAVig3U9S_in2ZrWbNRcfGGwAGM6VosYR0YdHmgCC
Date: Mon, 04 Dec 2023 05:18:22 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6389
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRLfVi6m4A9N2hAcMslHt-HEJ0mh0g2ykoszgFgCg1TeQm--ES8dCEMyWyWnxQPdy1daAfjif36Bp...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRLfVi6m4A9N2hAcMslHt-HEJ0mh0g2ykoszgFgCg1TeQm--ES8dCEMyWyWnxQPdy1daAfjif36BpiDhvQB7krUK7ful6_F&google_hm=049af203-f025-4503-86...

170 B
188 B

62ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRLfVi6m4A9N2hAcMslHt-HEJ0mh0g2ykoszgFgCg1TeQm--ES8dCEMyWyWnxQPdy1daAfjif36BpiDhvQB7krUK7ful6_F&google_hm=049af203-f025-4503-8684-9d3bc561f2a7

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-225
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmRLfVi6m4A9N2hAcMslHt-HEJ0mh0g2ykoszgFgCg1TeQm--ES8dCEMyWyWnxQPdy1daAfjif36BpiDhvQB7krUK7ful6_F&google_hm=049af203-f025-4503-8684-9d3bc561f2a7
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6389
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmQROFzP9FFPMYHxGRe5EWuBCCDqF6UEPiR-1rkUApiNnU9FfcT77JGtH48z4QAKYaoyiGQfoPlPnzcrh0eY76PkNL_vUq8P
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQROFzP9FFPMYHxGRe5EWuBCCD...

170 B
188 B

68ms
68ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQROFzP9FFPMYHxGRe5EWuBCCDqF6UEPiR-1rkUApiNnU9FfcT77JGtH48z4QAKYaoyiGQfoPlPnzcrh0eY76PkNL_vUq8P&gdpr=&gdpr_consent=

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:22 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzMyMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQROFzP9FFPMYHxGRe5EWuBCCDqF6UEPiR-1rkUApiNnU9FfcT77JGtH48z4QAKYaoyiGQfoPlPnzcrh0eY76PkNL_vUq8P&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 6389 0
34 B 34ms
29ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmTIQ81oYUwpEyX3UaqXaKuMjJD26VVNzh1lSMc88FvtQnoOAwA29EF8wwejkaiOrmOS4Vw7f_E5Sdyn2Kae4li-ijZIhGZyGA
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6389 0
12 B 61ms
58ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrnU8E0Npa4xpHnOl2cOVrVia7R06A6IeJNp1fE4ZvBTvYhfTYdBBNkU7JhAHzfxLsL9doLA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFE7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQjgA...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQjgAVOiD216Kj73NAwyzZkG-HSE-j2Trx4lDxvISnhabkHP7VRjMZbKHo4tEJQvbBW_u_TLys6a9cj...

170 B
188 B

68ms
68ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQjgAVOiD216Kj73NAwyzZkG-HSE-j2Trx4lDxvISnhabkHP7VRjMZbKHo4tEJQvbBW_u_TLys6a9cjVWNz9M-5rZQwhQBM

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQjgAVOiD216Kj73NAwyzZkG-HSE-j2Trx4lDxvISnhabkHP7VRjMZbKHo4tEJQvbBW_u_TLys6a9cjVWNz9M-5rZQwhQBM
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 585615
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFE7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SkiwxL5_Qq-WRtTHezEW5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

67ms
67ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SkiwxL5_Qq-WRtTHezEW5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSHBeBvO-hFDDBwAtEZSomIXoyA0b2sNv-FMLRtP1FvHZbLKcMpU29u6TDn9KELjIqowdoEoznpLQ9tl9F8SpCONLscbJY

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SkiwxL5_Qq-WRtTHezEW5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSHBeBvO-hFDDBwAtEZSomIXoyA0b2sNv-FMLRtP1FvHZbLKcMpU29u6TDn9KELjIqowdoEoznpLQ9tl9F8SpCONLscbJY
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFE7
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSgjOpVHADHfBfL15YxY2CJ8v0-nEelMG2aCDTrOC9de61fGuzBQ0Ehip8v4p2iuji3jLzzCmqQFK...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSgjOpVHADHfBfL15YxY2CJ8v0-nEelMG2aCDTrOC9de61fGuzBQ0Ehip8v4p2iuji3jLzzCmqQFKBkEp3TN5O0lNHtlz8b&google_hm=6ead9bc2-b20f-4618-88...

170 B
188 B

63ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSgjOpVHADHfBfL15YxY2CJ8v0-nEelMG2aCDTrOC9de61fGuzBQ0Ehip8v4p2iuji3jLzzCmqQFKBkEp3TN5O0lNHtlz8b&google_hm=6ead9bc2-b20f-4618-88de-8bf06b0d0e38

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-75
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSgjOpVHADHfBfL15YxY2CJ8v0-nEelMG2aCDTrOC9de61fGuzBQ0Ehip8v4p2iuji3jLzzCmqQFKBkEp3TN5O0lNHtlz8b&google_hm=6ead9bc2-b20f-4618-88de-8bf06b0d0e38
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFE7
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ5WxZ7dSYOZhTB3LAo1...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ5WxZ7dSYOZhTB3LAo1MN8d0ePo7HfRD6y-VqKn3YbT5GGMTnpjzvC71-RBrHu7w40zPHbBFMa8CoPR4pd0HqEWkbd_Fs&google_hm=AyfTXU24ak-VnNQ_62z-ViY

170 B
188 B

61ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ5WxZ7dSYOZhTB3LAo1MN8d0ePo7HfRD6y-VqKn3YbT5GGMTnpjzvC71-RBrHu7w40zPHbBFMa8CoPR4pd0HqEWkbd_Fs&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ5WxZ7dSYOZhTB3LAo1MN8d0ePo7HfRD6y-VqKn3YbT5GGMTnpjzvC71-RBrHu7w40zPHbBFMa8CoPR4pd0HqEWkbd_Fs&google_hm=AyfTXU24ak-VnNQ_62z-ViY
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX27d35d4db86a4f959cd43feb6cfe5626003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFE7
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmTYjg8SFeaKtPGQyaZbNFIcTunb05H04BccAsfUbwMuOEBtSS1pJiaGtOsmfj-YIieQAbwKLlbuzdSdSqAOq5R_WyOOj3c
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTYjg8SFeaKtPGQyaZbNFIcTun...

170 B
188 B

70ms
70ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTYjg8SFeaKtPGQyaZbNFIcTunb05H04BccAsfUbwMuOEBtSS1pJiaGtOsmfj-YIieQAbwKLlbuzdSdSqAOq5R_WyOOj3c&gdpr=&gdpr_consent=

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:22 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTYjg8SFeaKtPGQyaZbNFIcTunb05H04BccAsfUbwMuOEBtSS1pJiaGtOsmfj-YIieQAbwKLlbuzdSdSqAOq5R_WyOOj3c&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame EFE7 0
34 B 32ms
30ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmQ8o5yAJRzrUFcei7xq4FQsySRRWng2EBQ2jVjKvvo50ZKNTy1_cRgiEgAN4X2RVsUHhVrw2cvYE4FlzQ7PQs4DS71bPoncmw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame EFE7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMyAJUacWQKSj1DA41FBvYc&google_cver=1&google_push=AXcoOmRE1Qc4pY9W7ea4EijbYHsVOX09-A3ZcpZUVyruPJm3juINLBDAdJ98l6yMJ8rCZNJH3MaJG2HErJm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRE1Qc4pY9W7ea4EijbYHsVOX09-A3ZcpZUVyruPJm3juINLBDAdJ98l6yMJ8rCZNJH3MaJG2HErJm0SHiq4GqQemzqtTRwbw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

30ms
29ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EFE7 0
12 B 60ms
59ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0s4n-d1uV92vRlTFoCfW01I4N4Kj3bBwFHFjcG2z29XB0ZKwh-D0N3NvNgxajDEnieZO1VC8

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 264ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d2104fa5-f73c-341d-8ff7-2cfb1ef39fcf

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 388ms
115ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 92b53deaa6fa27ab40babb6a349419dcebe8a353c95dbdd77a24039aa0d9cce3

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7b58ac45a9d38740e9735a6d16ebc888f5ac3f7d46e70f9b9da42f1b7d6209c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 4eb0d51012876191fbcda438fe8708c11e873af0dffef6891747a1ecbcfd242e
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f985e242-780e-3eb4-a462-811c91c19566
Content-Length: 133
x-amz-id-2: LGF6XI2Kr9RYyqbpXSvdD+AtSUM6QNGEb8sbCnO3Z4vnz7eK1/M9tB2dCFl6lIPANTI2xRkE+81SyEQ4a79eudm8OxsjkvE5
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 9EF4 0
468 B 53ms
53ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.32-593&imp=8248855875603289632&plid=2521236318193655889&pvid=3420950681100687039&fmtid=52&e=16&rep_meta=dqercb_DA95RPbqz1L-N6OyRpfA_5JvI3RutqPk9w4o4j8CBu3nlBqtXMTwIvH-kdgTXC_80O3OdqoJKLEm6BOsfxEai5TK32y9re6VLdM1__VHCEJA1A3IvLd2bXrFtN2tmER-jtyQwP6XEHEOTbFGmb0ReNgLsCT1NArp1ZC63kayT7rMQ85mi4ts4EbAPPwKc6gWbw3jlcUn_xizZo9KqjEvADxVO_SKM2whGTw-oLWrIINrswLOwe8-cIEd0EzW9YkGSK6T-CIpkYT2qE9kU6cF-F_2t7BauTDt48P0_HBi2YGsqqA776TSq_d7CZs8Ee_3yODIZYQ02Yi34i_WDUBROLMJ044YTjDVAvNhGTw6syMSngTgk9WP-__VVuV7K6QYhv85-otQqQ4xy6y0GrPkJE8o3AQbB4HfFULY&offsetX=0&offsetY=0&pvt=1701667100282&stime=1701667102292&etime=1701667102292&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H/1.1 200
OK analytics.js Show response
s.update.tas.yieldmo.com/2/518423/ Frame 875C 6 KB
3 KB 315ms
52ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3420950681100687039&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3420950681100687039&bt=programmatic&gt=ch

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef76888962399ce2019fcb4a9b41291c9fd42bdbb18baa04bd4c5989bcc3fe80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2660
Expires: 0

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9344 21 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 9344 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiwfYO37jNP_lhQ1Y4vxMlEmImnDYsYqsW0bxIb5NVAwdm-IsnBMwCkVbe6hdhupEzq38K8PQuCmixP86Fp5H5p0HZDg&cry=1&dbm_d=AKAmf-D0-Ks73Eu7xjRwI2w36LghDn9iQVv8gyd0QCwfCiY81Cic70wwFjPxZ3t5pgVrhijJ_Z25UvvoWwIMsfH7qrhNokL6dXhvMBlaORtJEb5k16uc2iHeY85NAhtAGXRnOFr_1YXn6Tgmf8IdAM9uqR5Acet2y7SzoRIOWEbqYd9HNEG8MS2qs6jYT3T1UqhFwq1NvebnD8BAV4Wcy03QJKOtwCxRIMw3ru4zMM1kI8JfRm_lqdl8yTWG3FtoR9lw3WCLUaoovXe5AcHDxjjpohI9oju6MNO2il1yxYH0QWvBp2ylUGDiVKW_2AtmqlpTwVm2UNjqc0o9HVtmefGJOucqFBaV7bBQXQQzSuNxc1RapV5lWtNQBZgcPQ--FO_XhWGn9lRcrm-7uakN42yAxr8qcPKc4i3EOfKSKzYc6_jK7KB1zXSMdz-B8xHEYZRyjtooVbVkNabz2fb1UflId6z0s1F3yKdc-o_YotgCJm4ze1ludwC6IHY4CG8H0Ui1cfcJoNfXLO3Y7rC7WtG5hl_wWnhViADjzuTSNz7C8nZARxT4XoRDySJ6Wwy7fvAS4LPlwJqiMe4fphaQZbm15BqJ61KYPvaObS0PD19YtEjtUDdHIFGrVwVuY09J5Sz_12OgiA8bWWM-8hBsr-fsJQq6fxb4MQ-UBnfrmgAtFxgHwQc6xqIU1lDAVtgL0YfL_I-lBu9JYDU80UDgchMQmsJ29yD2F44P38ZzvAO9JBCZIb5IXrlQM-nsVtgXdKpLBeKLVkTbcotwMy9f9DwK0UM89gN9HUhe1gVfZoSWOWemXk5bgbb2J5muqy8fJSRcKrKOh3sakEkNp8rWMdc-X1ucbDh3OJk9r9UNCa_iUM9KBlZCZr1_ZWA9mG5NkrWy3OSXpRFwRazHF0IbKst3n0Xi8meKQMa9nnriet4G7ddcw_xN5vB1LlNFjEIoURQeaJ96pr-46gVdrkTZxzC5N2Xu2cmMo9JxdrjP5jlFeRQ4DVr1tUXoS2fCGD7hvokxIAM00o-1zJuJ7dsl2MqdSeDJuStDkGOG7Y7s7MwwhAVn5ciRWrQezqL1AGAfy6SY7IY1k3Em3CQeLd6Lp48nVhfp7t6TfML0um4xrsZdwTh2KYSeN4H8Z2EOQdAqgzsoRZfBpFJ5yQVezdpgVu-qTL_aReffmHv_kqYg4feu8iVAyJWgP2pH7spppiI2YEsZNDMSXyMFQ-lkGWcmAyMgGQKwBJg5gzmb5XM7bVzrZFFUwtfSQIg5R9MpKsa9tY9AiZDbOlM-iJo48U6ITXZTtTh2i6hh75NAtd2NeSiQ3G7OUqxFLg6Rvn5XGysZOP2PcZu6u9CiD-ppZj-WrK1Tipyl8whez28tdn43S3v5rrTJiL5Cvlvy-pYziE-Ll_Wa9Qm6pR-_1zxR2LsKPfeiVJkO0qUZtPPMO8zr2YmY8w1ehSKL_VTIXrbDw4GB7BC1H-I_93YN0xPXvL8nq2eFVyeOsD2VhVGHt7MpGogERWD4CAYhF-C_qA0tXb82frSBqsyivnOBjyKTyuIBgzfzUaTBZHs3PnTyhnwABXt1a6HmtVXal-ZAXNp9gEt2MWBLCYmG8jFVCJh1DS9A-J1mV-8h3AQdxadk90dE6RsSWqJPhxzedjLLOvmH1TR9O5qDDuCdnJgHvDF_RyyVhO4Xt2q2XkBHFQPlgRhbuzMLTM8V6JMV_6iEA0XTyPCnB-tTdSUtlBLJicg4jYvMNJcre3Wm1Qv8dZHicR-y6YIogjURv4RfP8vlDug5M8LIOuMXzeuxKRTrNCZ2LX_ovfN2h0CAMGbOxmvxYsa8hgikdsuGDmydcve1VD2EuJHtDPVNrBhvtaOUMevNXpabzlk_mus3h8uGqEYI2h2YB8zJWzxgvyrFqhT2TQea_mnJfcFhpcgxR8yiQKaNtBKsE0NNzXUtj6Ts-wU416PNEqPfHwskONbutExlm5SWM457qOzijvHUS0Z4DVh-D4_b-fUrm1Oa5tZfwZ5a22owwqjHDbQEp9Iww0sq1nftAFNSS7flRSIrzxW-n9T02Ul7e19GLIVysO1lv3DhoTmCQ1cLRtUjyEr52jGA0e1cArK03F5cxcx3Ohvk-FNHbtEYD3rtj27cCTDFdEboiH3WTSeLIW69sEleKfqYE6GU5yhg7KuHEAcCH-DbuBNgqtIoNiyDctTBW62WhwuWSSHFL-Y5sXsyPqcKtqHELURrzhidt2JmdOGnHeB9l1DT5tdwVqXxzBFv2RTv776FsYS2Rb7zUY6QvkzvvjMnyEUTXOEUnZl9sP_mm58lS_zzz-cQwd0BhJhfK8PlDEqEUBSXwOTOTzcKvGk-HcdBv8A_gDzzjf_zsqTmkEO-&pr=67:0.754654&cid=CAQSMgDICaaN8UDdW2917Kd1JdDFyfEKqA4ssXkj1qURZOKJeOIsIU4492co_FdRcJuE3HQHGAE&dc_exteid=31390217498869012458847870485085078&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 9EF4 699 B
1 KB 30ms
29ms Image
image/svg+xml 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Sun, 03 Dec 2023 10:21:43 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83845
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 6az7mtqBD6UEPKryfgz0ZhM8kybAC8ZZi9z666hDnKK-sPiSH7lWvQ==

GET
H2 200 8748027647782653532
s0.2mdn.net/simgad/ Frame 9EF4 407 KB
407 KB 165ms
85ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8748027647782653532

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7542a88385203267507334dfe316097d73841ad41d5d27c381f966760863c63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:22:29 GMT
x-content-type-options: nosniff
age: 233753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416536
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:50:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:22:29 GMT

GET
H2 200 13915685206028675079
s0.2mdn.net/simgad/ Frame 9EF4 70 KB
71 KB 109ms
28ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13915685206028675079

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:39:30 GMT
x-content-type-options: nosniff
age: 110332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71950
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:35:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:39:30 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 9EF4
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=da8f6dc4ce93b6137a09
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=da8f6dc4ce93b6137a09

43 B
298 B

30ms
24ms

Image
image/gif

18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=da8f6dc4ce93b6137a09
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: TpaLQrSim-23cG3ASSOe5ybrvgIbx7kSKbdCIJ1z6DzHaqrhBwcitw==

Redirect headers

date: Mon, 04 Dec 2023 05:18:22 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=da8f6dc4ce93b6137a09
content-length: 0
x-amz-cf-id: ZcavB2IZdmkkREJQAnRf7YzC5tYXjlFsuVP7ViQJpy590XPKKPHu0Q==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF6
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTzs_...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTzs_9CsTsBPY0Oc9lKe1JPSkeJdgiAWbf6XRT8ZNow5EpWGO4xXuwnrZqnyGvFP8wwomzw6f2jejQs...

170 B
188 B

66ms
66ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTzs_9CsTsBPY0Oc9lKe1JPSkeJdgiAWbf6XRT8ZNow5EpWGO4xXuwnrZqnyGvFP8wwomzw6f2jejQsUu-q0e_i7rzFg5g94Q

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTzs_9CsTsBPY0Oc9lKe1JPSkeJdgiAWbf6XRT8ZNow5EpWGO4xXuwnrZqnyGvFP8wwomzw6f2jejQsUu-q0e_i7rzFg5g94Q
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 598749
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

68ms
68ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSE2yCMtdMm37PLVpbWDWbYgfze-wk1Sj9q_5JdUC87eiOnUg03e3nJ-MZwR7zR_WLREES7v0zp_X6WbHUdSh9UwzXWv8UtgA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSE2yCMtdMm37PLVpbWDWbYgfze-wk1Sj9q_5JdUC87eiOnUg03e3nJ-MZwR7zR_WLREES7v0zp_X6WbHUdSh9UwzXWv8UtgA
date: Mon, 04 Dec 2023 05:18:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELpYUmnPN94ydMo0BuWYuRs&google_cver=1&google_push=AXcoOmSiy1pgYQU9T87bDVEq2hchR_3_8Ekx0Y2v8HnKvDhu8gM6CpFO2q7_A--SuQ42K38O1EOM57CStgETpye...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmSiy1pgYQU9T87bDVEq2hchR_3_8Ekx0Y2v8HnKvDhu8gM6CpFO2q7_A--SuQ42K38O1EOM57CStgETpy...

170 B
188 B

60ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmSiy1pgYQU9T87bDVEq2hchR_3_8Ekx0Y2v8HnKvDhu8gM6CpFO2q7_A--SuQ42K38O1EOM57CStgETpyeOys4shEZWFY57dg

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Ol13Km9rW5N_haph2upMcrnDR9k&google_push=AXcoOmSiy1pgYQU9T87bDVEq2hchR_3_8Ekx0Y2v8HnKvDhu8gM6CpFO2q7_A--SuQ42K38O1EOM57CStgETpyeOys4shEZWFY57dg
Date: Mon, 04 Dec 2023 05:18:22 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF6
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTeKPKfAS1m9_yZX6kcONlH0WfI86YWKWJlKH0_OFWgkSAJELMVyNYg50M1QP9hkxl5wIqw7HEsUr...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTeKPKfAS1m9_yZX6kcONlH0WfI86YWKWJlKH0_OFWgkSAJELMVyNYg50M1QP9hkxl5wIqw7HEsUrc9KVc1iq4H4lfQNEBysA&google_hm=98ff2875-c623-4052-...

170 B
188 B

60ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTeKPKfAS1m9_yZX6kcONlH0WfI86YWKWJlKH0_OFWgkSAJELMVyNYg50M1QP9hkxl5wIqw7HEsUrc9KVc1iq4H4lfQNEBysA&google_hm=98ff2875-c623-4052-aa65-d7afb302353b

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-167
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTeKPKfAS1m9_yZX6kcONlH0WfI86YWKWJlKH0_OFWgkSAJELMVyNYg50M1QP9hkxl5wIqw7HEsUrc9KVc1iq4H4lfQNEBysA&google_hm=98ff2875-c623-4052-aa65-d7afb302353b
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF6
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmSX1ujikAF1i5FuIRQ7Jil4BguKRjZtcpxxR-b0uM4EVjvyqb75XEQd67H8SEFKf5Wf2_Y618xyFZpqCq7NJ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSX1ujikAF1i5FuIRQ7Jil4BguKRjZtcpxxR-b0uM4EVjvyqb75XEQd67H8SEFKf5Wf2_Y618xyFZpqCq7NJEp9cTM7sd_U&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

170 B
188 B

65ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSX1ujikAF1i5FuIRQ7Jil4BguKRjZtcpxxR-b0uM4EVjvyqb75XEQd67H8SEFKf5Wf2_Y618xyFZpqCq7NJEp9cTM7sd_U&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2023 05:18:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSX1ujikAF1i5FuIRQ7Jil4BguKRjZtcpxxR-b0uM4EVjvyqb75XEQd67H8SEFKf5Wf2_Y618xyFZpqCq7NJEp9cTM7sd_U&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDF6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmS15t0I2U_Sr-hJ4qCOqUqfh_k1FTtKLFJZnbQagOGlP7NONPseCCKCjOlvcL8La9EC2a-AH7p-cSMdftwgg99QjzSgWS...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmS15t0I2U_Sr-hJ4qCOqUqfh_k1FTtKLFJZnbQagOGlP7NONPse...

170 B
188 B

64ms
64ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmS15t0I2U_Sr-hJ4qCOqUqfh_k1FTtKLFJZnbQagOGlP7NONPseCCKCjOlvcL8La9EC2a-AH7p-cSMdftwgg99QjzSgWSYRNg

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmS15t0I2U_Sr-hJ4qCOqUqfh_k1FTtKLFJZnbQagOGlP7NONPseCCKCjOlvcL8La9EC2a-AH7p-cSMdftwgg99QjzSgWSYRNg
date: Mon, 04 Dec 2023 05:18:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame CDF6 0
34 B 30ms
29ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmTIhmixmFp_zsp8wPqDyztpCjgyQTiSUUH5IYg1Xl_gtjNpczflRFygFJFFLLp32ujvRwgo_yypOjSAN0GvkbiytgcLtwjQc4c
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CDF6 0
12 B 67ms
67ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIFi4EXmtSCPCuf8f3CLlRrCH2407dPnqH7O_WOB0CDmZpRL1ImY4OaDNECjx-3tGnULP2XA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 8169 49 B
493 B 208ms
169ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: zEkYtFLCOUUQ9lw6Kjs83Hjpj41fIBmA-HLtO9X28iJt_Hv5g282Gg==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 222ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d1042c2d-e9af-6400-8ce3-4f735ed56993

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8169 133 B
569 B 399ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 6963d0d717c48645bfc09cd6813e2eb54e3a01ca9ede7238b54dcd764709b414

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=158f68685cd160bb2a9b9781482507bb10bbcdb192a930ba92fd945f4255d84f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 653e0b2c293df7519df97512661f37da0fc7eba8e0aba3149957109b28ef3437
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d79d3e05-1532-1bcd-8a7a-5d5b86339e1e
Content-Length: 133
x-amz-id-2: qvpwFHgA95aujIjvwD5ZQW/FN9UqSnyeN6WKABnPNL3JRSLTrScZ/uZfwsT7dzF1PJUGu5XdSalb1rj/gYqvCovoySosTlkh
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame A9F6 0
0 52ms
50ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 322ms
120ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c707939d-fde7-6ba0-9ae0-f0c3462a9df8

GET 52.handlebars.js
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 8169 0
0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8169 133 B
569 B 359ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 680bbb5ca56e2c4caeb08de2b912b559e0804ab5745adb8759ec91dbf2c32a40

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ed2276c9ba9fc3c9715cecb5bdeac93a082bc337cd9eb4966ebd79bc5ba35b60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bf585e2143b9764f2f2ca85632c74b6d35274c2142800a51facd00547867b954
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c0872372-5028-d454-9d60-402ce752d9c7
Content-Length: 133
x-amz-id-2: mT28D6g4fZDJUJzFLiId3kcB8UdQe9n4pN+gsNbyHPe2SZj85JFL6pkFhpHYD52u3r4JBofHNzWu9bONntXhj+cydK6nFDEZ
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame C930 49 B
492 B 176ms
167ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: qmaixTC2l4jpqs67rZEoAC9gzx7KhVcvpam-imNlqACpViV9OZqfmw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 292ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c6efc012-3e57-7c97-9b08-a34c5efc9b03

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C930 133 B
569 B 349ms
120ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 5b9109b00805f1fc936700c00ed5a255e8f02cd661c6e911659fb451be4abccf

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f282626ad5834e5a676373e3fde9db2284d859fa4887bec157a6ce29ddcab9d4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 62dd6b21e9568116541bd1920fea8c6d4b4fbd568a85fb84c0d64a78a5197f40
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f85781ad-236d-f17d-a5b0-e2f343c616e9
Content-Length: 133
x-amz-id-2: qxDH9CYTNk4AzuAN2ey4oLmQSGsmOpcvekAAIIjjEU5YBN5zcHCZclF3o4V/V1JpqzmUvnbGHW+5OL7rvxDeXbYetrQZ9/nG
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame BC81 0
0 54ms
53ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 284ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: c5253e01-3c42-bfb4-98c2-5d5fd58d1466

GET 52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame C930 0
0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C930 133 B
569 B 412ms
175ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: db28dee3188db0ff0467d7183b85858c0a7f4536c6da42116d9e2bd622c628c8

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5c21233dbe55c43f0b09451edd735991c71f8098beff82f44c8fc9bd556d7831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 89f7ae2c83ec37fc7e9feb340c85af4c82a84c759f6179d2e0fb3608f6502f5f
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: ea2e74b8-4c92-5bf2-b7c9-17e7f75fadaa
Content-Length: 133
x-amz-id-2: rshBcY0L0q2wGcqju+pzaBFSBK7eYGWkC4h/S4nf9WWo6s1BXXBgRBz/LyjuB1zCYzkxdXw5m7Tlcalwb1UwFaOZlSfvJG0C
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame DBA4 49 B
491 B 145ms
145ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: Ea_LJ8i_ABng9Ltagyorno_goDL116kc-wKZy6laFZailZm320koqQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 273ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d7a2ce4e-ec57-c266-8a45-ad105b2dcff5

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame DBA4 133 B
569 B 356ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: d6602be0a69f79f69f7d6afe52eacd5576e28efe03c224e9e68983f90457d869

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=84b0e69ce5d48197a1d2994d25722c76358d37ff664dc5a95cbee93fba5a4c2b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f9d2581158f58b7a550d09834cd78843cba3149bda8bcc4fa82a0acce10af8a5
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f2a63e2e-a266-6e27-af41-5d7010f88359
Content-Length: 133
x-amz-id-2: R865I9Z/9zWgTh/1XQ9UYY8gzFMIpX0w2OpnSAJzB1vITGRPobJdFSittUtAf7bTHVOTwTxrbWB+7h1CK8m6G60fsXJL06/D
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 9B84 0
0 55ms
53ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 267ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: e4f58d1e-c5a6-1b31-b912-ee407738f64f

GET 52.handlebars.js
static.yieldmo.com/sdk/template/js_a/desktop/ Frame DBA4 0
0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame DBA4 133 B
569 B 384ms
121ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 2b78fd99d494ecf27e92d3c50546b9c8dddf2c1594ed1418838dcde769b5edb2

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9276a48d678de1d5bf02ae150f956e41488524ee1d9ab21020650adefa4e6f5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f917427abb4529b7fea1a3249a6902a63c2bbb13422adc547963ac590b36f870
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: fe6ba1be-0308-494f-a38c-c2e0eac7e29d
Content-Length: 133
x-amz-id-2: IFuWokG/bFZHwj55bELuepe1MXP1OoXq3ROH7I+aCGS+61uhdMVSyXfqcj3FQDCX3WbvzcerrpdopPBOCWBUKHkB43+Y84zs
Content-Type: application/x-amz-json-1.1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F132
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTD6V...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTD6VRrlNhf6hYXVPujGbVRPVP9ifwvo2X0Ii-d_O-KCw9HTmpJyvUvWTV-bUAWmgw0T8lV-QrRNgmt...

170 B
188 B

71ms
71ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTD6VRrlNhf6hYXVPujGbVRPVP9ifwvo2X0Ii-d_O-KCw9HTmpJyvUvWTV-bUAWmgw0T8lV-QrRNgmtebd-u9JY6tMhmfqbrw

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:21 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmTD6VRrlNhf6hYXVPujGbVRPVP9ifwvo2X0Ii-d_O-KCw9HTmpJyvUvWTV-bUAWmgw0T8lV-QrRNgmtebd-u9JY6tMhmfqbrw
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 809526
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F132
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

70ms
70ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQq5W8T8MVhaRIUZTHfNHN5sMch5v3IPCvhN8B5uWwSwdWbz_m73YOkbhaZExMEZjvawoDAWBgQQxbMKEoGomLOKIPh-fDX

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tgEFYkLaQvq-GuHxo36UqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQq5W8T8MVhaRIUZTHfNHN5sMch5v3IPCvhN8B5uWwSwdWbz_m73YOkbhaZExMEZjvawoDAWBgQQxbMKEoGomLOKIPh-fDX
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F132
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECga4jZcTBI_YD4j63rEcHw&google_cver=1&google_push=AXcoOmQfc_SDDzvKlQtlAiqEO-kicdVuRLtxWcjf76pak1u9pERVS1ZCMBhMIZeR9AE0xhF35SSgYCuqq1FcL1jQp...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQfc_SDDzvKlQtlAiqEO-kicdVuRLtxWcjf76pak1u9pERVS1ZCMBhMIZeR9AE0xhF35SSgYCuqq1FcL1jQpttzwq7UP-hP&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

170 B
188 B

72ms
71ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQfc_SDDzvKlQtlAiqEO-kicdVuRLtxWcjf76pak1u9pERVS1ZCMBhMIZeR9AE0xhF35SSgYCuqq1FcL1jQpttzwq7UP-hP&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2023 05:18:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQfc_SDDzvKlQtlAiqEO-kicdVuRLtxWcjf76pak1u9pERVS1ZCMBhMIZeR9AE0xhF35SSgYCuqq1FcL1jQpttzwq7UP-hP&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F132
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRt0koS32bXnrUqE4yyQ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRt0koS32bXnrUqE4yyQEb8eIFhgFBZtkc72q03V89StltfNlzOCimZm6L7uijNSkelVgk2tbpAu01fGNLyuKzyVTeo9HRASA&google_hm=AyfTXU24ak-VnNQ_62z-ViY

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRt0koS32bXnrUqE4yyQEb8eIFhgFBZtkc72q03V89StltfNlzOCimZm6L7uijNSkelVgk2tbpAu01fGNLyuKzyVTeo9HRASA&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRt0koS32bXnrUqE4yyQEb8eIFhgFBZtkc72q03V89StltfNlzOCimZm6L7uijNSkelVgk2tbpAu01fGNLyuKzyVTeo9HRASA&google_hm=AyfTXU24ak-VnNQ_62z-ViY
date: Mon, 04 Dec 2023 05:18:22 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX27d35d4db86a4f959cd43feb6cfe5626003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F132
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmRdgzJ4kyvxYSYWoy0rlx6bRBvSqm7NfVBQyrigjHtxjnXLItcsWp1BQ7r42ovxrlIdvKTXc_V3jEw1CLwj_fxEN6iV4f...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmRdgzJ4kyvxYSYWoy0rlx6bRBvSqm7NfVBQyrigjHtxjnXLItcs...

170 B
188 B

70ms
69ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmRdgzJ4kyvxYSYWoy0rlx6bRBvSqm7NfVBQyrigjHtxjnXLItcsWp1BQ7r42ovxrlIdvKTXc_V3jEw1CLwj_fxEN6iV4fHRXA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmRdgzJ4kyvxYSYWoy0rlx6bRBvSqm7NfVBQyrigjHtxjnXLItcsWp1BQ7r42ovxrlIdvKTXc_V3jEw1CLwj_fxEN6iV4fHRXA
date: Mon, 04 Dec 2023 05:18:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame F132 0
34 B 32ms
30ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmQSbQypvsrPqpnqowlf1ksFfq_ly_9HhbOqrGrwgGbjBtvy1yRWfk-_m3MNh7sDgmeQZzT4r3nnSiXLjiyQU_RrnunEp8YB-g
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame F132
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMyAJUacWQKSj1DA41FBvYc&google_cver=1&google_push=AXcoOmSkrZfEZeyjMR6MgVr_gC9Bdlm1OvvG2oomtWsOJov-W6oTqD-8ym1yNYHNQoVJlhsYAjiGlJ4yX9i...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkrZfEZeyjMR6MgVr_gC9Bdlm1OvvG2oomtWsOJov-W6oTqD-8ym1yNYHNQoVJlhsYAjiGlJ4yX9i_CIfuzNwlo_1dAykAYoU
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

30ms
30ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F132 0
12 B 60ms
58ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL1BlhkCcun31qPKiP-8kzqV7IkPlw0gfeA0uTcbhrRRfOhrICmLd9-pkleS9IQBWZiAMHEgQ

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 4E44 49 B
494 B 98ms
98ms XHR
application/json 18.154.63.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 2ce5a9ba754326069390699371a502ce.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: lECXn7-sMGoa-CJVPlc3MBSDQYHw_3ACBdjhBG3_EyFM-ovKmAlNCA==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 378ms
112ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: d8b07d69-6df3-545b-8557-1e37fef2d188

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4E44 133 B
569 B 304ms
115ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 85b358cdd9195bbc36153154c3a482d588f2098f2e29f60230d17645db8b0f7b

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5c5b80035be7ab87792411f821aad124e4c0375bfbd9c1c9833427fbc2550fcb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bf027109c2c52f46738fb64bea246f748dae7252f880343a60419dadd53d8366
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: ef376b5e-b12d-2ef2-b2d0-080103b3c38c
Content-Length: 133
x-amz-id-2: hohziBjS64Ej87FMwB5yKHQFhbOkLJaZEcHAqQ9XFSJmtEt+piDIpo7R/E/pB6tYdONbvZD2jNciGsDdIK/4yVFFfOhopve2
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 9761 0
0 52ms
52ms Document
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 05:18:22 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 416ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: f08b3c52-debb-5e03-ad6c-5f0cbe10b997

GET 52.handlebars.js
static.yieldmo.com/sdk/template/js/desktop/ Frame 4E44 0
0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4E44 133 B
569 B 288ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 92a084f3f19118c4a91b62c28a8482b3f4a6188b832524eda8b596d6f970ff77

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7235ae3ef414864fa1022158125e68d9c02325c2fa0856b37ed363afbd7b95d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 71f21ab81d5cf94274b0bb8b8221d47b7ba3a7f17fded2ca000f4825a9deb769
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: fef5cc10-60c9-1a07-a312-af4f8906b1d5
Content-Length: 133
x-amz-id-2: muXVlkQmdX/BInrdEfMuhccRRpgKCrrlASHs6Rbg9jkk3ScI/uCTPQshn90JyeQxHiSRptuYvI1ONmF6cMlRTzyOTfmj+My2
Content-Type: application/x-amz-json-1.1

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 294ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: d27049015bfa3e2b16c5ba1ceaabd1dd5f8dde1d7328892a3c136fa7e4f4e79c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=feae224a2fbd27f97ae4cfc9c116702b4010de0aa9215630fab8916a40a8e99d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 125f759fe1e60b08bb8a7dd0c2d41f44d10a6b872fb3541cc3122393dcac1237
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: cbe0bd93-04fa-1a80-9607-deccbf37ecd8
Content-Length: 133
x-amz-id-2: pb5w35lx7kC12Etg3urYbctI16CLVVEUXdBEUHgtkbfZnRquj7IzLr78uytXtnxL16rTLivTqL9vMe2JdHWShtcV5AAN5kLs
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 362ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:22 GMT
x-amzn-RequestId: e0f385ae-e7af-78b7-bd14-e6f05c628eef

POST
H2 200 frg Show response
folkd.com/ 5 B
978 B 288ms
286ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/frg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1701667102572x838978878731848800
X-Bubble-PL: 1701667098387x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAxNjY3MDk4fQ.bBgKhJs43WfSO6fHpwUq5bx2VjD9hKDq2ZKuy6zvqbU
X-Bubble-Breaking-Revision: 5

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":12.3,"percents":{"top":{"bubble_cpu":23.9,"block":72,"capacity_rl":0,"other_pause":0,"pre_fiber":4.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":68.8,"fiber_queue":3.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":440385}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.007 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::6fxfr-1701667102584-46ae9257e608
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74iib9f38QD3Dw7cjYu1KivQEZwC2ydjXsafmKgEk%2Fur4c6sNr50jtZpJD%2FR9N1eywza%2FXURcL1ZA8s1zh83GPYxdGmMO3%2BP1URaMM4%2FcYZoAqEX3VdsEmOTyB6nyKvEGnSl%2BuK9RYC3xuwpoJCP1Ht%2FHVa4b8tudVfA9sJMiz0rss%2FjoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 12
cache-control: no-cache
cf-ray: 8301969f5f2a0bdc-AMS
x-bubble-capacity-limit: 0 ms slower

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 4233 31 KB
12 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:19:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4233 41 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTY2NzEwMjE4NzAzMgogIHNlcnZlcl9pcDogMTI2MDY4NDY0CiAgcHJvY2Vzc19pZDogMzM3MDU5OTcKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogMTI2MjQ3NTIK...
ad.doubleclick.net/ddm/activity/ Frame 4233 0
863 B 206ms
89ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTY2NzEwMjE4NzAzMgogIHNlcnZlcl9pcDogMTI2MDY4NDY0CiAgcHJvY2Vzc19pZDogMzM3MDU5OTcKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogMTI2MjQ3NTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2ZpdG5lc3NmaXJzdC5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MjQ2MTY4MDM2NDIyNDIyMzkzCmRlYnVnX2tleTogMjIwNjM4MjIxNTgyMjc1MzMyOQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDQiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjYyNDc1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4MjY3OTk5NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTA5NzgxMDE1MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDY3NzA5MDA1NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzNjc1MjMzMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9maXRuZXNzZmlyc3QuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hY3NpdGVmYWN0b3J5LmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2xpZmUtZml0LWdyb3VwLmRvY2tzYWwiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x44583fbae1dc324d0000000000000000","13":"0x465763750832a7b80000000000000000","14":"0xf57f72f2fa10dfd0000000000000000","15":"0x7c86beaa878a5c2d0000000000000000"},"debug_key":"2206382215822753329","debug_reporting":true,"destination":"https://fitnessfirst.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12624752"]},"priority":"0","source_event_id":"8246168036422422393"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E624 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08714d833c0df51b80bb7372e103fd74f2eddccdd85f7536f24ffd01e1e46c05

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame E624 699 B
1 KB 30ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Sun, 03 Dec 2023 10:21:43 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83845
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: J8tM-vzfWd9iG1xl2scGf7Efkzi3fpiWILpp70A9pwj84Z1I4UX5Pg==

GET
H2 200 8748027647782653532
s0.2mdn.net/simgad/ Frame E624 407 KB
407 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8748027647782653532

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7542a88385203267507334dfe316097d73841ad41d5d27c381f966760863c63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:22:29 GMT
x-content-type-options: nosniff
age: 233753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416536
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:50:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:22:29 GMT

GET
H2 200 13915685206028675079
s0.2mdn.net/simgad/ Frame E624 70 KB
70 KB 31ms
31ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13915685206028675079

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:39:30 GMT
x-content-type-options: nosniff
age: 110332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71950
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:35:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:39:30 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 382ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: f8b67b8a-095b-e3f5-a551-18d59a5a6626

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E624 133 B
569 B 181ms
116ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: fea6e657a1e731bed37587f90346a14cbf2f43296a9c73ef2125f8b4843be14c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9ac9f25e19ad555ba159b97d2bb2d8d2c033b0b6d323724a0687163d02ad36e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 68bc0236a2505c05ff3abe5690fb55485608f1c7221c8ef16394a6fd4bc1a9f1
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: fd9986c4-e96c-f04f-a07e-e59b5e16fddc
Content-Length: 133
x-amz-id-2: Y3blRDAIEnSp7wOyu9GCU8NOPscDkHRMAcoz/iRUwwkwyZhm5bhfj7I3gfaXFdvsDYf7yBN2hwlJLwW4z7yTra393YxHnKjW
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame E624 0
468 B 52ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.32-593&imp=7361272455628332211&plid=2521236318193655889&pvid=3420950685957697777&fmtid=52&e=16&rep_meta=9WjiYEouHNcKBy7y_IeSjtCdpvknxwJAmIgv9LcJ7DWjSk_YIFnjIJ9HIAgg3u7pmciDmOlxAAnkq2Ut4UUGuKT5Q5Ztb3L7BWEkO-SkjHyBeixFjp6Z9Eeo93rG9Eyg_sT5of9k0GbwMZ7wB4LQm8skXCgcUv7b6UiB3Fk1g-BB8tNFUjwvdAaEKpXA-stvCFzgZ-Eo0iYTuxocjo1IuGe7MERB6ve1xg4nBqxqJonScb9U7TUmSXoz00Eg93mTOdjD--jFAOEOH_AN3B2UW1coUqkmxjrR5W34a62jHyR-o41avuP_AmCpAmOJnSP22MNell9CzqFfhYcmuhiIfuML8QbekphaY8FGjirN988T2MCEen3OgRjB9I2jVbgUcQPgiOJG1ZGwZ63wTJMCrU0gloEwh3pw08Ky6Y7VIEY&offsetX=0&offsetY=0&pvt=1701667100861&stime=1701667102701&etime=1701667102701&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 380A 21 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 380A 42 B
63 B 68ms
68ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQRRcwD8J7phKvafU-kCh2BeeuFna-BJdTrJWeadkXC8Hv1BpzTKNQwtjTDOv-TUGdTmDaKXwMacdVuysDYl_65Mf3cQ&cry=1&dbm_d=AKAmf-B7oS-6Psnn538U7Ejnnsalezq1nv8XFr0WfiF8Hl4rTYaLC5mKyrQpdMm2g9vRQVNQuJvf6PJEanlw5g3nu0FD0UQvvZ5QjS9eObpaYsGJ5Y_grJXnlNMr6qU7gJy4F3VPgYZreQDjgJOcv2zmVZ_RSVEsEPpfccbi-KlbwCWdWmHsFA6zXP3suLx5xA7vgS-G80iZeptnTx_Hz_fCk2A96bt0ii6omMbUlsLj2-kPxiIRMQGI5NKqPNgcebVhPg4JcamlHKBkoq28jt_2U4mjHytpvWMmWLznBo-N2Y5dybxD9jWPxNTb-R3saW2azVEX98Us-iBXjnCK0f5wt2cK9_GAe9U-FJ5z_DII4NURipMDDllgo1s80KhTodNJepc85zNg5vfE0JoX3LN6MARm771CPf2WCIZpRferHdpJHjk51D8K8wTmzdf6mJKQ1yj5-DOfHlf-nxdsiplORnBYoOkdHhWySDF-SK47W1CtSwk7oeyznR9AMGrbW7t6GD9cBlcmfQjQmZV4dMdVnPQUkKpE9JrtQMoiXdX4VsPFogt8J4TdSE9G8l9PdFob8xuA0ZTxYdoCZx_ogltJbOpw5_O6UQTuY3LRIjo6FJ3hhNNrOk9PgkGiqldS9KCo_1U-WKkGXL5dtNpeTnoCl0VEL95yGqAL193pqHMREmKR6jTJS10lyIjLaNZiy8v7RGnbu3qdwj2YP_5lgIyx5192e7HEcQUhkulbFKid-8A7Oc45tI7SnIf72GnhIFp3w4fDcMvCGQV60fZ78Lw2z7pIgV8jAVH5WuLKMDTtUl4ZwrQcjulC9L2R_twbSA0Aftax36hwBsKGz36bHFsROu-sHoUNLztkdfNFJ806bdo_zRx2mDA_Hx_u_0_npHKP9mVVDAvzKcs39zbrvan9kkZ3oxONbYad6525TyxxJGbTMoBVuoghykpNLIlK5Img6K_RKHxpO43od4dlBboOBSC6ea-tR6C-D6xsmOW40oY3nBpSVne8GSUOSBfdWOYj_Bz379CPJVcxpoHry9os35JGwaIlzx07c3FOS-cZH2TK04P3Lk0aeF95N3LCI5CkTtPp4OawFkRxMXP4X-rogw8hExHt-0zf0sqi5Z02p0qKlPIwsr61-AMtEl5Fuqcel1ip-RtCbFWcwbiC0eT1-2XyKUsys3CTQd6IzHhQk2t3c9ucFHopbYm4_LI79YgkC3WVmXsppNHzjVFwaBg8LpZIedYZIpJkZ2-cQ_Tshif4D6w6KGFMZCbgnd9T26znM2FwJTu3nezEucjWAR8spo2rvKPTdC02mM_S3baRRiA6VAIxqqZSD_0n0uFQhSaP3p6L3YG-rCWg6n_wIStsQee0wM9_Go9BSb2x3GMaPfBNRtXZSrg3VAdCyKQe95rXPiTlcl9xSmoYSkFpkMi8erTjPjSUMpBsXR5-7_JU802MBvFMRmxe_iV7-wmLaPP41Aht-C2V6fJBoPAfdpnh6n6lCrWeohomqwkz66b_5y-jJj9xv9U0rLI1e8TCu3aVsidWbr4YxppBmEk2ewCCic5hb-eZpV8qHmP5J4h46V1e4b-rcUQEng5NJVtwFsgWWseZydwQ7y94-2LH-J_rwpOrHh6EMNmVqv2cO58_89sFWPnOzmmHDgveOveXYXFk8ju9EUse873oAKrhBVVgQrBejrk47vu3v9aW2j2CM7pfrrLn82n3WwgR2zG9hvchyY-6N49s9SxwHRTOFt1CInfL4roPYCs_06AuxuSE8AOazvYuRRVuQ7r_-qFipxd4qujFe_N6F7VoC0VAorxyrfVEwtBFp-H3Y7o_Kd_Yb529oBb_Zr0nNHsGx3RwP1iNtDs7zSwQuH4E2yLGHxuRq0xMaJoupjL592l0ytGpJ4qrWk1bUTSemivPy83jhdVh5e192mk72dhGf-ZamVas4tCXbdaz6yzQeaTiweDwcJxBKCxN9YYvEgFSVjs8ukF5FKH6ob64JgJ-JgKaSF6nuFvl6_et7Ik6XR-xq5LO4OetXlXhBM1JcsE6FEFxQCC-lkbZ-NICI7UY_0U1SvJ0_ml2aeSv2_TMNz7FGksmsshNqepmLzyXnfWK2oqAMrsApT07tbgbgOvwbhJvfY7MhpTM1WvKknnYbXpLuGZIV1S87WlSZ2H2iDYjSB9Rn9VowcUq6vmW7hE_wqaDh1jTK4p3Gs1qcTq3j8BmkYwpX4BiOA-UlVLYxeNxNt5x2VQC5VBEv-uptTBGMaWIOi9iJI8STQlcFg4OlRtXutjkCXWV2o_D09FTuXg-wSJ0t7j7WtO1Z5gUQMfuNeGcClsCQp_zu1dsAbfUScPY37tqx2EonDNjk7ZVjh9l8Q2udy-EX4dqnlNO&pr=67:0.754654&cid=CAQSMgDICaaNED9uo3GamAb5xgBnN-P04-VcAjsELR68oTPRZshxakIriMfbj8JzmEnlsEdDGAE&dc_exteid=31390217509067368579494936251903279&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame E624 43 B
394 B 33ms
32ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5f6cd6c610563bddbc26
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: FSVA9fSZPHWmesBK84ij7WFx4W6ALzKJ9CC7GMm-XOj54NebQdqRNA==

GET
DATA 200
OK truncated
/ Frame 4272 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06b17e901024681148c83859977a196718d05617b1302ad4229bf7e3fc926a3f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 4272 699 B
1 KB 31ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Sun, 03 Dec 2023 10:21:43 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83845
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: dwERhReEIJM0oMCSgJHovtMmxxxnRyReyt0ojaQe_58eR95J_fMoWQ==

GET
H3 200 8748027647782653532
s0.2mdn.net/simgad/ Frame 4272 407 KB
407 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8748027647782653532

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7542a88385203267507334dfe316097d73841ad41d5d27c381f966760863c63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:22:29 GMT
x-content-type-options: nosniff
age: 233753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416536
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:50:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:22:29 GMT

GET
H3 200 13915685206028675079
s0.2mdn.net/simgad/ Frame 4272 70 KB
70 KB 34ms
33ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13915685206028675079

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:39:30 GMT
x-content-type-options: nosniff
age: 110332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71950
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:35:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:39:30 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 310ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: fa55bf41-5cf4-427a-a7b2-dc1e3c5fa5ee

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4272 133 B
569 B 254ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: c1a30cf3edea1533dfb330dbd98c9da3ecd9376df9226b7adc8bac47c2efcf38

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=eb4bf6b8f7a7c021e79c65044f6b65425c86ed1b9df986f3226c6175c9af8926
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 88ddd983962975e01237b44c0f8519cc718c202165dcbc6737b3ef2ee4631be5
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: db32cdc1-f5d5-61fc-86d5-ae9e42af6c6f
Content-Length: 133
x-amz-id-2: I6JE/flsYJgoyxWtuPvFkNxJW3ccvUrb++RGqV8Hek1oLIIOlscgOmofotwaXR0vgRCejGWpV4K3m1j6jLGFQgCYuNBFoTaV
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 4272 0
468 B 53ms
53ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.32-593&imp=5041519242139059885&plid=2521236318193655889&pvid=3420950685991242789&fmtid=52&e=16&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1S9mPN9C1_XbqAZzw0bvMTzG4OSaTJyV88e0nVM47T38uGl1KO4p5BSHaEIxHEpfsxWH5fTKrSc8_Ne5XU0jmHFSc7T2cbN75gcsffyEqcnlMpAcCYckd8LMhaoS-lbJ0XQz_3fIN3NcK_Vbmqj0UccjGDiuae6m8A33PV7kgNOe1pcxFDJbO4_MI3JvpnD0b_St9MzyB0rk_NsoAZz71hwPJFvoZ4wKMixuk0tP0e6jGfrdIvi3WQEhKL1MY6e1CZrwIGeHA1b1T9bJBZ_dqXDfJlV7Np8RlIC3rigHBAUErDEWdURY5EZ5T8fuinaxj8&offsetX=0&offsetY=0&pvt=1701667100865&stime=1701667102822&etime=1701667102822&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FA5A 21 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame FA5A 42 B
63 B 70ms
70ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUbTCegUThsjifqCrsWCdoGbVkNb8nd7bfIPAK71SUcpehd1Eq8JPt5M-jXg78jXvRZe7nXYOpMbZnoi6wEKGkpIP5zg&cry=1&dbm_d=AKAmf-DykKYDWL1nrD3_klL7SD2_9GIfR6WJwCzljnJYLXewA_0kB2mU_t7VbXLNaCev8WN7jSXehJ3lkd-qNOsJ5b5QF_yGbtmN_fs0Bt3ZYd4AvTkgE6a0LVxgs8E8InDpxFHplOJLAVNGbkN06Ep7d0-vbyeHQVvJUNBSYpr7bLAv_8nb3LdC7KE_PvdfhRExcpP1lSEnohDdrou6hvYsRIfehFHfa90dOdbYnk2B-DsZvRCBZjWEhB4j853lZ4qQGxtm4UaTo51qTZhrOqK4PJTkl7RCwngUprmZ2QM4XEt5NYHwOOPy7l6r_i7WXmAZuFb-DDb9OU3IO2MNL7pNRxl5fTp9bwQm9r7kRmalK3CbyDdqD1psbwN0f8eqfSh83-QLCVJdbLg8DT5nxne8pW1JQl3cNEyU3XaWRXzubCxru5fknGOJkdL_A8jzXht2zcR8Duz7peGVSsLo2cAYE_vw6cQOhKyQ45W4j8IT4VNeWU3YCmoS2DMKZyU6_FCUX2Gxu3SLEgLWIa9nM8yJY_HTijRN-w8P__qZWP56YyvI9ow674v6yX4tAPxlcALRF-AgPtkZoTBllGlFOnthrOn75kIO4-3dmOE5YBi_TJevBYrViANy7DuqO4zsPIRB_2j5AVnEVeVUX5dNFeXPsXxwS4Uudkk5DgIEMKU7Aypo56x0oIDHAKn-0WFnunMoh2rroQlw6sIITP-pqJmeVlc0sucSyvsM7dAtkQAeyyNTr-CVxDxAxapaIgKTufJFhtx3t95_M5oVvyb-sQyTm_-sFuGDBjL8LikNLWwvTdzu240DVLhb55QDi2xsa0Uw49KZG5rhQH3AsU_U2HQ95kQseoj1LJzxJEvd4JU61WqoCDaP4Zt77iIkwuspZ_1YDVq1o9Ab7eidDHQ_AAZyS0tSQkNekghOaMeq0o0oIvZVUHwz-9TNj0WNuDooiVwYFu3tiHbP-gzZhwMSH6VrkjRd-md-3HTLld9_8WFeQuvBU-o9q-DPE3oYs4ib0lYkjhAAdIB1mzRSwaPZ-PflnKCcCPZrGiJeiZVu5KnaSIO98uBS6jdfEV6Zj5Gulsc0-xBUoIeFUOLteDFxsKRDLY6VrCGJyc12dPKp8L0qALlxGC2p2jBoy851K80M4ZqEI1Y35-7gjR2xNMuw2_8ch_dQU7toPIqAqqY7A8YztQQ2K03XCrTT1T_u_UqICUvbT2bRg5MIemTWauKStarGiJM7PvFAZALFfNg_27M_jVLHL_hBHzrwQV-r6Fiv5g-klUh425fW1VnPc35pD2yFKuxvePPso34ESc80AB06Wv-uZ4piR5NyFcgF8WokGmDtJcq6sB93F6tasNH-Wk-WmEbmMO0z6-eoXrbgxd8Bf2KXzx3X-kQE3MKF1CX_-7FUakM0dQ1gNOShH8-WSsUyShJsqbyEe8MEQViTH9jUoxWjc6TigeL838DjhQWBqV_koiqFBbB9BquBNrTlHz7j5i9FSbJMsY77UO0sAs69IY4SUGB4tIiM3lQ0xu1R3vmDxk2zDFB90j2jb86OaoYrhRqzkHLv2tl0xxW6u9qsF2vxW8YLR_NgsHuPvbagzJVY92CLf9df4tww4Iluhbi6WOCDs37ALCPBRsLZkB4GohSZLRqnCulO-g623-nGELw21c6OzLBJOw_5vCPcXSxBXDNfSw_1-rUoaI0vkwWTndV68W-N-fg_kGZHldQ7tF-ByvJDwD255cTrSXU3Ty0N06qJr6e17aJKvvh_1_BRXneJd9TNJshuIUZW96GzlHC8fj3Kk9qcEhbF1dU_WmQ4mn2Jq8jAVw7gKD9tnudDWnbiUBNy5Saqj0q4xHgFwL_PmvtDsJiLoeX56mMyLT82HsY6NffqDks7vNna74qwAkC1xH_zcnmzxYcyqQ3QDcCvCzhcpPHbN68WoHYcZLVa1ugHe2KtWRt7ys5N2kA-SEEZ5U9Sjd33nL_jY2oJSP2C8WRqvdL10VgCP47vrXWThqx6Pg9ZJxvFSa40qvqb-b19f6-DdCWtIysBzAhm8_v_pdBRQecd0zB9ibQO0dEwioE863jFpiSZVmvC8xhtBY5QusAv2-jTMdD47NifnNpukqQi53mds7TrOIxDCudNWq27XN5XTDzdAGttDbb7e_ubiOTGB9rnSrX3IOZ8DY9neVVPFK5XTKvU-vw1-C9oHJJBJiXzQjR8S_wyda6Eqz5wqaPGRoYx562Wd_g4lizbBS79i9gEHJsfndAWN-3qSip0vxPiyW8A8t0q7CocFffpm06g__3qtGAeBCmY_NToTdcuAbLrSC0PlMsMXmfmVeX-qGVHIlqKqD_-Fo6czNQ1SJndRD8BJiVUlDoNRyR8CBBo89cz&pr=67:0.754654&cid=CAQSMgDICaaNPp7Hs_TG3LkAkaZ6HqGYUGhf93YgQYh2dIOBFhNo0DVbz6FCyUGlTIV717oYGAE&dc_exteid=31390217509238277663353517298040765&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 4272 43 B
393 B 30ms
30ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=6bef33fdc85da54cf32a
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: INpnsrE7Uy7WS8WHedB5uQlHxBZlw6CKo317PgML9RHDHCucZ1e3hQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9344 13 KB
10 KB 109ms
50ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a6e92336ac1b537348604812c44a4f737740a206cfd3a582837f110f498f608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10390
x-xss-protection: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 301ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: c12d9cd8-ca18-617d-9cca-ff877d626cee

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 238ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 36f5a5b3575b3a9576a088016e5d57e581a78bb721de85b65a6260ab83dc0806

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=fb5bb5afa03e56979d7d7085f2cd612253586a1a5ca44016749d9b68736b4a45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c30e74e0a85a1d0f8d5227b2a182bce123ada5a5da47e225660db1c518bf025f
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: f66e94de-9b6e-b4f0-ab89-f78129f0598e
Content-Length: 133
x-amz-id-2: xmcaLEL6OSUcqUY3LssAiZc74ISwZC1LMoa2JKkbxCc2/H0MYUNlM33k7fBQ5zQ/kFuI63COB3wmFb7PDs7Sg+9Q5rtHtV2q
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 9EF4 0
340 B 52ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=561&fver=5.9.26-F36-46-52-54-59-B491&imp=8248855875603289632&plid=2521236318193655889&pvid=3420950681100687039&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1701667100282&stime=1701667102850&etime=1701667102850&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
DATA 200
OK truncated
/ Frame 4E44 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a32209d8c04dd5b8fed66b7d436dcae41dd743e8e4cd23809a4d836f23f29fd6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DBA4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 644806f46afdc2eed430b2054d2244760eac0da4a55366bc659431f49505c9df

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C930 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67e22b0d7a1976ff1252abbd9bf7fee5a8d42d9a9a824e003ede2e3de7ac4866

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8169 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97413eba74e956c5993f494746253b2dce56815b7d7f0290769abe03fe8baa47

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 52E0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938a0ddbbcb33c796157d4fba269fe90bc9c101c8c16972f3b8e024b45b7f3f8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4437 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6948095a767494aad9c856d0bd7ec56a649492a8dd4ec1e9bd7006f9efc9e5b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 4437 699 B
1 KB 30ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Sun, 03 Dec 2023 10:21:43 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83845
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: f7ODdowkHwHIJ1tFiXtZd9d72Vo8amogfctjgeefpC91N7S7ctrHEg==

GET
H3 200 8748027647782653532
s0.2mdn.net/simgad/ Frame 4437 407 KB
407 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8748027647782653532

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7542a88385203267507334dfe316097d73841ad41d5d27c381f966760863c63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:22:29 GMT
x-content-type-options: nosniff
age: 233753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416536
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:50:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:22:29 GMT

GET
H3 200 13915685206028675079
s0.2mdn.net/simgad/ Frame 4437 70 KB
70 KB 31ms
31ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13915685206028675079

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:39:30 GMT
x-content-type-options: nosniff
age: 110332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71950
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:35:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:39:30 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 249ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: dac66b7f-61b0-17fe-8721-0820f2b1922d

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4437 133 B
569 B 230ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: d07e4e836cd124671484a38ab283ec1350fb73ad53576467c881f7c8d0cf4724

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7b55d245a4a357f1b3f1991ee79b2494bb8f1a532e4167c6995d9d38546fdc61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 05b1b67ff81ce8879abdbffc0e47c394d8f8110b6a0be8015c0ff1cfa5cc279e
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051822Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: fa7fd11a-f1ba-ac98-a798-b24562bb294b
Content-Length: 133
x-amz-id-2: FAmt9M3E1+b1ID33aQj71Dm7um8LQT/N2lgcELsMqk7iJNBPZzQENCzNnQS/Kj2Pl5LK211fQnsz7RK392JSUTZn9b6YdtVn
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 4437 0
468 B 52ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.32-593&imp=2031724321417137535&plid=2521236318193655889&pvid=3420950686058365789&fmtid=52&e=16&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq-GLQ9id4_GbVm9SL6ykotfhfILgMRkW0_9G041I-kPr3nH3U72WVyCGZRXvp3Qw78hB4VHmOG5Lvrai1eLVAI3DlX-AxNbh_CEkjC2n1oc2spiDpIn-EbxanXTzTv8sAWFKSIPwHLtVn6Tt8sO4paTF84x0TdgJSViDw1aviQ0jxf8TiwjhWQ9Vg3dMJJ5PrvJhVOrNpCaypRZtTdbpDBdhXLDj-EdnyG-poNpFBnwq7HKldzKDVCEKjT-klyvNPqrx9Buqek6xSkU9uWiDKiJFEmpq6aKCAu4BHnZcWwAb6hgNbVwxf3aljoeOM-oExw&offsetX=0&offsetY=0&pvt=1701667100873&stime=1701667102948&etime=1701667102948&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 064D 21 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:22 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 064D 42 B
63 B 70ms
70ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_MP45FchfR6xA2un88r-L0lihLaXLWd3IxdtODjDhVp1kgoPuTTKTskQ3b03hIvgGz-5JEa_yK1N0BlqUwa7z3uCYgg&cry=1&dbm_d=AKAmf-CMIBYQOe6Q1u8WfRgSeEFwcrfyAeHIK-wpyHuBsy2psxSaHxAOJQjhQg_P6O7BzDFAFW4VCNl1AilUE01kSxsthY1OTyS_Ipt7OyYzB8IXSyX-UgmGGzYuOw5VlOWSW9cl2HJdkvX7DMVXQqXSaM6QwWxiWFX5D4R_fVpngKdp654IN_B2MUgjdrXs4IHqw_TKLQbaRNdkGMmbE9jnVj9cyyzM3lsqXRpUmNg-GSZTJ9d1M2g7yKP46Wgq44lUomTsL1VPUFg2Cdaz7cPEEpuT-PznB_wtnk7-d5yqu88J03vRda-bFKGsHONqdpO-lxms9t1xpSeB929qa5EBhGgi-nVCh0RH5_9yZfSSQuL60PKDdnOGnI8CjHBGkA5pQGsya2YaO6v-ih7VjAMKzjlA9dZPcraeGBRc5Ir3T01DebID98_M9AZ8D2ZpVjZwiSGqATwN65J4b30V3BkyArzm-vZ3IA9m8s-kNCNoGpXl_dPGo_BKBvpuyys51SM0LlsuLJYtcxttpRsQThWr9ijmSJ_6wTFtzfjIpp0tssaCnl_UAlrWXl26BvxEpbXaAJKIafQLX5wWKKpxITURSmwfoI6_s3TAnZ4GKFGEHpJBbSsaab3DpSs1lLek-ZsGRiMPVnxpsgn9h1fllmFxMNURPreQociV5MHX7x_ocouqvKii9Vwtrm68QY66J4CYP6OPw8BDP6GINX0Ila4I5fT1cZadanj3iMhSfgArvDeSOpAfa8vFniqmK2yVsneX4jAy5sAq6GfMK8zb1LOTH-ADnnjSAL4g1TyfbLQI-KZ2112r8xEAfcTEPY01D_FgYjgD2rSkqzSmkbbiPSqqIND5byjtP80LDfwwH8XxNiWiIp5NXRGcweMGWnDnZ13QmZZh7vEHp6LuTG8wSd63mB5BLgeqxc3p0Fta-2xCz8_xGKPFOs0Fv-toJhKAtKepsJoTJSePSEDQHOoyLLpPvX9eLWGv0IXOBWdttxBJXOTZ6viF0zFhmtvIqLkGDMbPpj5kpPh1sQ0yAtZRltN6abOgpFUT7GdOzWTkHw5gRm6lG-bUG25f-oitNrpYSSKkZipEp-0X3iomOIqWolU6QB4WeUY_TWEcPTvB-sOxY_MrOOVnF-smInDAyGvEfpjOesnBioPUew3fm-ev000_DvPy3zo5gQVyui6jrB6Eese3m3z3r_T-bU7VPJ-wZPqJhS8fH70a4nv2lv2PsYbEd1eFbUpl16HItmG_lKd1d3Mzzd7A55RUn0ASnVN5xVfIUcKwhMRhfnhaI4Wd405aRSoaKPGv2fY5l5xc85YFiXzP7uCScmpNh-DvVOu9bUFPsQWBS4rJ-TEnIReXnaWsdpsTLYz95AEA9W3BB5s9kL4qoxU4fHbyjZIkCadiJCLEBuKd-7pBRj0DbXn1VzYfD09sv6ZJu35R1qWiOv2Ut2tbq-L_e5-HZ6eMu1PA1qKuNQ3CAKYFoafnIaruA_i-Jj5uJ5RjaJl-SMzodO-fY85iVNu8fpun2JcxBf1ABLJCMDGen5Y9L038ykrog4hTT1ZiymSl14vTkey27aNUXUBxakTP6E_g6kuYJd5VxdrTMaccoX-4XW3GLI-5ZbKzn03w3ru22A3NNnHItwnDHKTBevT5cTxaKwa2umwknm4GXz0abFxah6LnHA8mV-2M8E25pxHjJ8d2-wGrCeDRnF7wYgLE_I1FmGA0EQ2SeVh0swumUncT8sn96BrSoUN26Wl0pUojBX6cC_VfFZyyewd4v6einPlFcHv0IuvPLTrGAu9LXMvtoRWg57r-V5RjDr5nwQZICVewVrK3vsc9OJfWEPSzXrkvAf6tNCNb61VFtgcvid87Q6w5BeEt9wkRDzQykIiet_lRszwjmVxJmHIKlYKa5OOJrFqLuzzXQhKFp-F_Clepf1vzTD9qH9QWyBkPWOTEAsaYIyBo4_eNpNw788bJvaR54jEQcPmTEXX7JsfBUepHeeI3S0UgV9zz5ypU4uKaVU65k8CBWKHPs3PZCuE8913zuJ1gTPe8c4qDJLP-KsIBLGY0KlRYNmz-KzSbB2efabhxKBfEVVnag5GkcWMtXm69OesZ1HHAizOX8KUpKoiCP-tWCf0zWudI5cFAEy34U_7t5aEPpaj4soulQR0_EfAFJFz0Fc3REQKbbfUJI9_W3uO689Lkb281a5qcM4qtYVCig3SNtCOTaZlfl3bCv_Nc48KTiamRQZT3BpRFFN9Ps5Svlhln-lUN_bgjwUTY6FYwY_F3na-f1XdcsFt6Q7ocLpkJeb8Mh_aZcPoZjFRs372NX0jwtr2Hn1_DEKwHln74hzAFSHX0TznxAguzvpTA2ojWpT69j3azti0XFTy0&pr=67:0.754654&cid=CAQSMgDICaaNhOfH7YY5ZDOVLImwj0JAE7gOiXsYknuZOXLEJJ02vl4sRXgg0fnHmMRH2I38GAE&dc_exteid=31390217509371039007907513964546873&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 4437 43 B
392 B 30ms
29ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=cd80a4c926a2b0e94acd
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:22 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: xeGu2za56Tz2Y7OzRx_g_t7eKCnBao2pBnNPmYTQmAtAd3WuP4NIfQ==

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 52E0 699 B
1 KB 31ms
30ms Image
image/svg+xml 2600:9000:2057:c000:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:c000:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Sun, 03 Dec 2023 10:21:43 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83846
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: hvK7SeDLRXuU-UQ1lxFaaGoFWLRqVLsHOv0kWOanIJw8QCLR7higmA==

GET
H3 200 8748027647782653532
s0.2mdn.net/simgad/ Frame 52E0 407 KB
407 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8748027647782653532

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7542a88385203267507334dfe316097d73841ad41d5d27c381f966760863c63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:22:29 GMT
x-content-type-options: nosniff
age: 233754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 416536
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:50:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:22:29 GMT

GET
H3 200 13915685206028675079
s0.2mdn.net/simgad/ Frame 52E0 70 KB
70 KB 30ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13915685206028675079

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:39:30 GMT
x-content-type-options: nosniff
age: 110333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71950
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:35:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 22:39:30 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 202ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: e0e64398-92c5-3bfa-bd01-20c7f26edc6e

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 52E0 133 B
569 B 263ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: e0173217f068b0d2ca3be4e67a47a4a93db5b2138a9806d7a71fe7aab679e726

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b09eac1f226a6305fdde65631de5ad36f6c4d810a80dde8dfc7a134b390eb6c1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 5733e82bb2ec15b61564db8b5a7218f6c057c82890fd82e790e7a08930989760
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: e69e334d-decd-10da-bb79-50126c53fda4
Content-Length: 133
x-amz-id-2: OJCv8S0PoqeeQ83Q3AiGX/cJKjJUU3gMj3HbOaHAwF5KiQcckcsXGEy/vbF49g373ITicdpFD/fBAJzxkG5MoTuAO+sG4Chx
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 52E0 0
468 B 53ms
53ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.32-593&imp=2470412086186791617&plid=2521236318193655889&pvid=3420950686041575681&fmtid=52&e=16&rep_meta=bTc-NR3YUAq-wkpp4b6EauzKGRjHwJtrXUYI6ILCzE0LrT96minz6qffG6kf_BLsQ9pQ425rNeLTH5_SfqGNP_fXs9TSipPGjQqgXpuVMdpJKOkDtDbZOYHeyeHc6CF4hU_RjttHeVGTBlM2ZULRaOZAz1QCfPbwy4t-WuWkMiVOxFWWjxAOD3T0qPNNCz6g1q2HR8_F4_LT75Uk75oCl0C3G0nS3DzYvQN9FTlrQ0k-AmT7z52gQEw7Vlc-Htj6npGikXP3C4UvaBrblasfr8Ww9xjvVhwPJ04mSJkiWF5ir5Mfk111nTMsiHyChCjzFeMyqV83qLo_lwCV-G0sDh7m-q-k5OmBPIlb-ed9ZpUa-n_ZhInWBaYvHRzihSkON9mYMeb5L7MB-gmRieO6PmaXruUg5_LKU3EvUVMZkVw&offsetX=0&offsetY=0&pvt=1701667100871&stime=1701667103042&etime=1701667103042&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 400F 21 KB
8 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:23 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 400F 42 B
63 B 86ms
86ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3ep2YsAam4e-TTeZOphgN-Eu6UoUJJEM8UbgUx6cZEN2PwoOJKJylGt_thquVRnEBISlIv_uUKhauz3lm_hdgkvOmug&cry=1&dbm_d=AKAmf-CcTXR8KsA86geJJbwc5sgoK_3r8JgwNHq_2wRYwJjonG6sah3F_V-XBorizIC7gpHtC4e8zxpUehGnGks0EPVSnwk1ZG3vl8ao66GzQmaHKot4SumKPN_WCB-ugpD781rjwRMsA5yBxNg7PvYMnrR3yyoiOUG-toP9rvqvZd9XhMhaF76PHddol-ff4zRB0eC5L8jPJ3v5tXB3WOHjM9sc_wC1z9xmZ0_KEG_2cdTeZZF-LmAnCgHF9yh7gTDOs5ZtS7mZGLEho4vHh4ZA7TFyCvGYygwAnyKRBACB5L9Oed9OvF08p_VAxp7s7pBBEwir8blnKW6gBOEITA-SGeFKicE-e9ucSCGAOQX8p49C-vxSPRutRbfAxCc4lqFXHg8I1UVMib5AlqlTm1y0iZqsxnpXkc3KQ_gzxkeksKENwEYm9Oj0vTI_E1aEomEqw6npb6tZs-JQVQYtEU5GgL1M9ipgLkXN2tqcxJs4NRZzg5kqlLptOiZxJooE_jart48GbZo_7xm62S_piZGtfAC-zkqrT-UB-0ZJldrKjysJCxJF_OcCqJTecEiyg_iKGpB9KxjlArrX4nNePNT-zZ7UfQeyo-uO_iB_hYicxb0YGj-3xrdj9caU33vcJqiAhvld-7kEim5RffTW5vejc8Z7ZHEgaR4ILi9rlkTupZfIGiwvXRDZLcTG8bci-iLogCVIX_HVxSdachqWl2yfHXojMv9BDaFwqn2lWScHaTX4vkzSvU5RSWbF_O7WJc5TPo7TKQwp-fpiZu1USah6TL8dK5XPNd0jgmKONTOmU9PCxbDPhODS_v15tOxWq5GE9D3AceLbJzPAWyhShCkN_JBOZmoh3DmBJqo0vMs30093DXsF8q94-qF-OiDGHVLOzXmexzaJpHHNYjnB-cN6Rav54QLgWMIj_nWCeZx0nhiNIB-8IIC0j81yg4RxmqEGWXNYoWGLT32eSV0S92f4yIBMcks4kmGBRFqY_PU80VPpXhywMeQmVVTbuiYbXyWSvbJ0rgPT2CjxbpCBaFdoGHa7QpiHV5QC9SRZ357zY6O271lUVcdEggiT_UqcdVH8TBfaUhtWzt7pOHIKu1OnMS_E9t4StDqZLzOPiBBibaODGfz8SynXRfDFGrCFxsQgcB_XjZUGpBJ6ra1NbMaouZdYrSvj5_SlTJjF5Ww5c-o-DRdL9i5b8q9tmFZ2l0t5AwN52zDbTYLu8DmAYHmntvI1AzfZVKtuI3IctpmFq7_e6FICLeR1G70zNzmYmrfsyGfmctRulzIXPoXCCAsF7CF-uPwpa8zWOGIiWzva6Ha04JuvMTxp21cQWVbnYusUG8hUofctn23gkc5yPqgJW8FZXcZzntK4miYu3W0ZG3ciTwEj0k_D_EZs-aqpqgi0_dp2RSTyG-7eieIv_Mu9ng3-Jjt3IIaxSAsNggJJm5Kh1Xl7jW_63rqvTGiHIgmBQHKcGw2VHGKYKI1Yd2a2zE-taQUxt2qqLfhEEXtFR5XdymvC6W8va6MD18IPHxV2MS3yQ1476EGPKgXpEq7y7PAdTBszqwPAwjyXdsHi-lWcjjuqoQ1y9WtB1BHlrHKSwWj-5w9eOyBArJP9v4-A8op-tcr8rLVg3KBVFVUOn-bCPZmHUy4LBJHaY2qKgxJe_q79MhOsn8nA60r9jM7TxsJYorKiy-ICNoBumR-G4FP8oBdh5lYyc2SmeAUSxEMrzJhWDjlGEWITqiQDVt4NFKnfN9y_bCZy9HjZlQYD1alfhtUx-JmkWgS5Hz9_wmBsp83DbvUwTsrucfBmm4kNuBYurH_Gwyh-vGCB9pQdGzSuHC6LNgyWYsQDx0gCn3Ai-vMVPUC-wnDKeEOQAZUYruw9468NBOGDtkCwpfThArI5j4pTAP9e2YYX7EN-ie3XErsMIKCBbgM7vZD9bPiO1aXDMfp5zDeX-AWxQFlYSPSg6xWPHJ4OZsND-bIfVASxKd6jsBgpGeNeeySZnbSlua_pJhBUz2JthJqopmUoa3x3dnhiGJVxbam6sisTKCZ7FIkOHnm66t5p6LVCctGZwM5o5ONvx7ypsRhJlwMLpXkqZ0-m_lWVpPU_ev_0i0biVPMP4wVYhDMlybwHkk8aihzu54MWYykAHftFl-NGPS0PwuzUUFrL9V8UHoUx6Cx8o2Bgq2652ybAK35dzF6QlWebFEDh7Mq0lwZdc6M94UuFAPH53tvDbwmobW2PUSme-7kbWYSpvfINoPH5MYQxhfp1vqqS2jo0Ca4aJPYlfKCFT49bCGSZUZz17eaOsyR3Wh3z5EWXRSCrBjXuRi7mM5mPTV-3ibkR5Wax36ly38o-LGsRc41a2feybUAGyKHy9YR-ZGpD-6sZamnlfSs_xDNiDKKooQ&pr=67:0.754654&cid=CAQSMgDICaaN2eCHsBMmteorv2fG8b7c1uTjb6dwPXOW8BgblM9t6xQZGUMQ2ArMD1SOGJS8GAE&dc_exteid=31390217509268973172941137881101640&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 52E0 43 B
394 B 29ms
29ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=4af879185c1dd91787eb
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: xlRQRvC-yEBSxbN9Qw2KMLj18PEsiGG7CSkjBLSrl0V3gnqeY9zMhQ==

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 4233 19 B
400 B 41ms
41ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=5152764&adjsver=3&fvers=&iframe=1&ref=https%3A//folkd.com/&ro=https%3A//738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&kid=6122633&bid=18910171&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRLZbHGFtZdjwMLzPjuwPt9uyuAmf7sTTc8u%5FkNOdEve3vs%2DIChABINjV2Ctg9YWAgPwDoAH39%2DmEKcgBCakChxZyOYpCsj6oAwHIA5sEqgSOAk%5FQVwo9t6SpGSY9JOTK4mZOvtH1BgpkJV%2DiH%5Fr9KdxxGTK7v4xOyIcPRFo584vHsHuaT328Hw95M85NxX66u41soP5pUS%2DFu%5FIgVUpcObEHEjELkGyurycdZJPgHYCyrGHnRGrEjDPXN9PutzL7XzB4RCCqGsDLz7VF0C1Ai0pzMFFjQw8bQjivPFwXlJPEimuAMRezV2PiSfHBj6Z0k0IJpxQdjoRLj%2Ddulld%5FAXTlQS1vQK0%5FvHwdVCoIhrEH9HfF7EHsPKD9lUFRSQUYwpX0cinB44qNlVG3wicnvfPX42RdZqNrTYh7oC%2DayT%2Ddmy%5FCyZJhfAHvvq0b6AajITVTHWVQ0NB4KA1Bdm3sq8AEvKyivsYE4AQDiAWGts2DTZAGAaAGTYAH96%2D65AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY657F%2DIP1ggOACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSOINEwiO2cX4g%5FWCAxW8p4MHHbetDJewE7fi3BXQEwDYEw2IFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNXxgMCgnmuSVQZgTAi0GsZPDIAHk%5F91Mwc4prGAQDYfmyKyjv3YeYVkGMvB9i4G20L2SbqiTSuRgB%26sig%3DAOD64%5F2U44%5F6WHCwfQPMDy5O5Nz9lQthYw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DD8%5FtEo27UV7ndJunUm%2DDQZJsBwx%2DEl%2DTTGxRI06%2DtPyybmLx7GdVnXDHaecHkr4UIAsb26sjo51J109S0nvHwT2Z8big4ZYkugkrB%2DfW43SePLFnH0vHZWVreoOgizXERRsZEVTitc9cPRLOKV%5F2hrt7VKVjTbTtJjmLITIs8%2D7VJxKm0%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCf%2DZf%5FGu%5Fwl2XRZIjCHJNSyuIIo4DQiRyST%5FJjP0BfuzrGDJhXPlP9Es0Tf13h8e7Dam05%2DFt%2DUtExAjGgFS1G5jcWxl6fGE%2DNmRLX3e3LEBdJAlnNfbSMhxg8j1uv%2DhmrLXW2nMG1vTKl9%2DyNBJ2FQ%2DfnX%2D7a8%2DH5%5Fjhpj3%2Dki1ilNUK4PvGbhVcTn%2DQg%5F0XJ2pg4CfzMSXmNr%2DD7D%2DnWbIyffG5abSyOZwrOkg5VEa85ZDJGmFLW37waaMarTEB2m38qQxoW0WQ1fdFD6CwJ6kDMdILDNDbfeY3NtdghNKnwj9JzHKkRqDZsUBcndsYSKQM%2DFMS3M2CMoZ70DE96F86SJNdxDAwVsZ0UEDltEJISsokD%5FzokWOvzmr4OQd5GpEbyqJrWbeIQ%5FUvtvbBAof41jNYVfldgXHBgxBkb%2DOS0D6mbE521yPjJo3m4MR353VAG9fd3Ei%2DnjfaYwhXj%2DCT%2DmyRyJzfHpScK8eRnT3EZSfaaQKegQT5LDEidHm4XXwd46dM7PW6SUU64y%5Fnu6WxeA9GT8OaBPeT1VFbGGJ9LxbU%26adurl%3D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 06:18:23 +0100
server: ADITIONSERVER v1.0
etag: 7308604556065377036
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
content-length: 19
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 267ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: e3ce6f9035f344273090fb0577a4fbb1d779cf37bc796b0562cb74478bcf6909

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e2d3e620d135d59be17a4a29f1079814bc3aa6dbec4ba16365b8339629bfa827
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 8c98f89ff758f9992497c24188fda4dc763d11858506f6d76ec3af27e91d4355
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: cec4dd13-9f58-8631-9323-be4c76972de3
Content-Length: 133
x-amz-id-2: Xu4NYXsHnmIioeSUmGw+7fKib5iZyiCvxykj3PMCtwlyMgglnM72SiyadIWTSxG7kcdL2nzzeRwgvswjK82FfOOLi6rQwm5K
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 181ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: c7393da6-6fb0-0bcd-9ade-5ef9dd2ee6b3

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 233ms
233ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Mon, 04 Dec 2023 05:18:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E624 133 B
569 B 237ms
115ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: ff25806ee306cc6438d3efdd46f8fd14d2ea14e909a625c15506909bf7f4d5d1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b98f13a1b4d520b4dc04abf99290a692531df5b027e3a0a581267570ecbc50e2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 639cf93184a5d86af5aae01d66f7bd5cf4db15956c6b34d376f135b89902bebd
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: dc223279-bc47-253b-81c5-5126078ad363
Content-Length: 133
x-amz-id-2: fzzFsI86Jznz3sFfXpdtJeHzwpLiJezel5PYu1+iUSz/bUJcL9s1k88t6sCOgW9G7qvcCTE92nkyWMyYgWTGqytL4plta9Mx
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame E624 0
340 B 53ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=396&fver=5.9.26-F36-46-52-54-59-B491&imp=7361272455628332211&plid=2521236318193655889&pvid=3420950685957697777&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1701667100861&stime=1701667103095&etime=1701667103095&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 208ms
113ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: efd3212d-9f7f-b0c5-b234-427276b01b17

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C930 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck-twHGFtZYDdMLSxjuwPkL2V4AWH9JKQXOjrpun1BMCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgSWAk_QQkVYe5IJ-WplZlfLJ6GZIz8wSLRm0eMzaKU9i8IBfAnnc91WMqN_t83ppO5OUpRhwDwVl8TC76Zl79WY4JpW41SaJFmYAT2y1fbwomQ6302iAJQrkIk8SiS-kmkB5c9OK8rYEjw3A9rO9qfzTGtZO-I2H8QsYuY7tlAFN4cJDITPBD2N2bP89_9Oh4xvFPawQAFn4smF1eeyxb4qgNuakAOsKNvlCn2Y1DwiV3PZ5xc0MfFCxAI9vjMIU5a-3ohc6lecoCznk2KyNavCQnbZR4qe4FNQI_67fojQkTqCPGgFF3rFDhpzkqUrhk7NlpfgmjyjM5gELeGVQphgzwPs1y99KMcBwgH5G_XLxdCeT982m-LQ4AQBgAbwsPa9yvDjyboBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOljVjcX4g_WCA4AKA_oLAggBgAwB4g0TCLjBxfiD9YIDFbSYgwcdkF4FXNAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=Y88edVA7kak&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNpoQjh8LoPyThc-lwGjevJS520VHw3331AQxH-8f_shES7ze_iZYqvRMRG5whfKIKwZGmjx_kGAE&tpd=AGWhJmsMDspSLQUViSI6mdBGb-I7bQIyv-dVkqnofVCayRH3ldd1j03vkVCn35af-3_E6WmM3d-PI8-lt8ZWPrefMhVeAXyYwYERR70ezQG3XnzfMpE7BGqTV3mwFHjcpBZFYge4vAjr9QvT0OaMhj_Jvb_8hKRY_oQLk6vz0wryHFzw-Xr6VVZuPnggIp858oC96RCcVKisrfA9cDz6e1poR1Ko-h9oDgi7y_LrnF6qmUE8DEN6EpHbzStQHQlp7_axWhhalWT6nhCwk6KRmFlOL2TlH2hOsKtDGUnuamw6JE9sRiW_JmDZ9Ptolp20_wKODZB0tOoJq9gUiwrO3rBq1g24ix2ribT5GjeQLL4sQj7PHiDe5k64A3Zxkx6rJcuXa2aDZ-7FBsiMznzfFOZZoNV21kM-P_vpMeJYqb6hvKITnDDoiKEDDE9tLHCjDUWyyIuHwSEsFzDyGl_4e5_nvlVAs5HoOKEewb9b_f8fzejaTvWr4YkqPrjuQ5B81ta20775UARuForckdIPQyscKr4lFj5AcBirbNsyFiNgx742f5FmYNJl8EKcIjNRyeMcg5QpiWvJrft9XVceFFHaHglRJDi0qVnk6t-zpKED01K0u4QcLCOyfLI1JyW-scHuwunJK1RyYp47QsYLk1DoiLU7jjCDMdC6kH7x9PrYwPTAhqhU__KEib_lAe1j2XqBv4B27jGusrLP0xVwxVl4nD1TK6WAwf7opZaifJ6oBXVIQwiJ4dNPHBOMxQ-vIXH4Mf1MMtpwKvm9qOf7e-Cmr3vWVlBSMtV--VaDGOmoz0IHjj7U1ZpIvUct&cbvp=2&vis=1
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9344 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 05:18:23 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 198ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: c56c0ba6-5573-8cee-988b-68f9c672093d

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4272 133 B
569 B 238ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: b654a6dc1c6f6867b36bd07a734279ebe5e91f8b90213873d71f15cf314b2515

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cabf652c63c885ecd28c01ce1338d11df57520e9c1ac34872248e7844e9d51de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 78db78896f99e466dc8946509cfdf81e1fe0c7592dc689b8bfbe7ed031200528
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: db98202c-b61c-21a2-867f-4373251da471
Content-Length: 133
x-amz-id-2: c3ksbBHD28igiPRzSJ3lqvrKDxYMVsLs4bzXNBCo6qV29mWoqd6PAacViEek5x9AiiMeohx4GKaEt2D8Rmlv/VhnYOzVcvT8
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 4272 0
340 B 53ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=291&fver=5.9.26-F36-46-52-54-59-B491&imp=5041519242139059885&plid=2521236318193655889&pvid=3420950685991242789&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1701667100865&stime=1701667103112&etime=1701667103112&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 192ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: f0eb9901-48bb-224b-ad0c-fa5ef376d413

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4437 133 B
569 B 272ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 723cae47a349e7a82f1b1d282caaf539db77ebfa4264aa95ee8638b5c1fb0c85

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=dd00fb307647d8177ba750c507749cd677770fc9c6654beabe74762d798a24a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 90213cdf855693cd09965a0be5d9fc9f04f23a524aa7fdbfe2c57bbc241a9f6e
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: f07ec020-3a8d-8858-ad99-a37f5a266fcc
Content-Length: 133
x-amz-id-2: OXFD89vHvmv7L2pz/2IGIp9MTwSLzY/KC0u046e9ntF70krlitEfOYGzq2oiEeO8UzBQM/yRhB6vl3hdESdgi7WX6I71rr0e
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 4437 0
340 B 53ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=175&fver=5.9.26-F36-46-52-54-59-B491&imp=2031724321417137535&plid=2521236318193655889&pvid=3420950686058365789&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1701667100873&stime=1701667103122&etime=1701667103122&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DBA4 0
0 71ms
71ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRCBcHGFtZd-PMYm2juwPo_un6AyH9JKQXOjrpun1BMCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgSWAk_QFwLOWhmwRxB8GvTNnQcaBy5xMw4mWqBYiqTChLBAp_O2q_svEL23WvUVd4at79Am900C7uQIUoctVAYZFg35Ya7Vh_HpyG_X4mK_w0P4oWDPN25SwYHyL73Lj0ovng_OtJ6bjiXZyqFanGMFuPP9vRnKFm0phXxgQjrnIyEC1RhidlmcCWO4o5usIssKz8ye-uGaQb_Kh-9Og6VHMB5zVnWgiuo6UdyUY2lTr3lqTQKkDbvtlfh02IeN_Qx_Bwk1TIAwnrQjKuFiPyva9dZy619tT8L6s3qZnb_jVefSd1SxkqcTRVE9tdtd5-Cxc45XezjO3hGu4kdergxSI11G5gxi71_PcgHvOP7F16qe8meY3LIT4AQBgAbwsPa9yvDjyboBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOljD1cX4g_WCA4AKA_oLAggBgAwB4g0TCIeIxviD9YIDFQmbgwcdo_0JzdAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=el05mniMAd4&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNlN4S5GqssW7OOUrwAbHM3OUzuH75ZsaKpomcjVwcMIC2JI0GlXBd4lZFCL7d8-HfsTAR0_2PGAE&tpd=AGWhJmtla8vRNFATTxlp3w8ccLMDu073YdZ1EPa2PbDkqXc8GQ6OFFU_bu1-GwyrnDQ3vyeZZweqeecYS9e_N4DSkDniMc8g9gHmSlhemxgKWJKpiruGdmaL1wff6JFpmXc-ZlGeoT7JPJG9oejgSwnnu1rPTQRn_RACx02D98xGHqQVtuX754bsi2yqdpSwc_i_ZOJavFeazuJPTK3cMNBtD3mMwksJujSJaJMgaHgjabg2ieUXs5qZiNrMFozxyHraMH-rJezpH6jMtHuopjA0ZUfc-FLqaF54q_pchmJgQVwIV5sbhvPE0HE6mVJTty-Wr0bwRDX62pTAQTpMa9ZOTjgGczGhtWUcH50Fl2bjBpF2b8kGp6UkoePTT3NCWQ9qRPdsVcoXbFAiePQHADQP3eUdCvTt3BMNeoDqsIsgS10oM9wPj8viMShaQ6URS_4V_pQia8yQQ4o9j2tFR0d9uGrzmCIZUpIGhb9His3rrzi_66NBIPRIBOy1ViHCmdVwpIbjZ7FMjP0YDUw18iihEisyOevWCQe-0-wH-YteqsA3sF-1qrxE3Q9jq72kRR3RrkTMHBFaCg1lIFaIcKTBCzvCLVNEbpnRKNsP7VIG9IC8TPTE6LzVUjEZvmX-b6Kge6eBRvYV6LfB0XcPKqOlGufl-rvu1d2qHDjF9gmL13z853ZtKfO9Dtb9M5VOMaywnminkyhn9FmcrxtRpyPtH1KPyBqjVbBpR30emDRK7WueXHMPzyC2W3c_JrKrCQLhyWeK8yjy0gUEEAHyTm83Lt0UVfSSbMrnEvE4eMPmk1HYiw6-M0ZzZRx8&cbvp=2&vis=1
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8169 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsO2OHGFtZajzMOirjuwPzaGDUIf0kpBc6Oum6fUEwI23ARABIABg9YWAgPwDggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBJYCT9AuG4psDBa9haJ7NPhcNTt8s2ABkd98wa_90xByOWPiCgc22O_S4nKO8oAomPqgKUrwP-lFqBxH6IKUjGiYWikcZZgkJUpJDDkyysXv2r95rOaeCYcG7Dfp9V9_v7kqLXz9D9XlFuqSeO-e5w_k5X0klH_644tpHJdYSV7OC_1Dlac2dhzsj1sA9D4_x805HE_T2xJor8Ahia2A6F7ta-0QuYIyyMXh0Q2hjHbw2Dkxmu_jOnnwmyNnfGQuYAyK0FJfVyem50huLryeYbKguKHV05Cko_oJoq7K3Oegcdb8efwYwviGyHw8k4HR6GPTMSJRr4KIs9D-n07f15kNs3neeOC3Bpn2m-zOhX0MeGOca8TyndrgBAGABvCw9r3K8OPJugGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggbCIBhEAEyAooCOgKAQEi9_cE6WLSZxfiD9YIDgAoD-gsCCAGADAHiDRMIxdTF-IP1ggMV6JWDBx3N0AAK0BUBgBcBshccChoSFHB1Yi0zOTQ0OTU0ODYyMzE2MjgzGJjbEA&sigh=cYeS01blZ6c&uach_m=%5BUACH%5D&cid=CAQSPADICaaND7tYo64ptEE8y2jirX2KBE4lYeCAowB8XqS0zwOn3bn5AF8g9fB0B7OzObCg-CMwnfR0b5ZK2RgB&tpd=AGWhJmsJpynSJBgzCw-e_X8cB0b0xNrshxxD1R89pDtqYe226RZ9iskKjsp_meE0pqlkPsFBkX-4kbdqyuGAyH87xdXpRofaIAybFphLQHc40GDjGLOogBwvmrHWnVbt7UJntnongLwnQ_jUNTvXdPY7amun4K9ebQlWnSsezOkR0ed4RQELXRbnqV0MMXXiFyn_Mo8EZXSJw-vVN0x4IzWT0U6E-z-luytPdqxkNXkf8n4ghwvnoPHtrjTK6RSk5lKZgnN-6uo59M83mc92x0XvEnyNica_XbjV84L4rbvRUnsd-RYQ3ru3W8uUFaclyooSqgIEN6jy0qveWUyZyK0RxCN-K1SAUV8bERVMSXX0LqwAHHnyrZgu4ucRVHZU14TK1y_XEptS8QzqlKOXW_-Ewte700tViHUZ_bBHLlmFAolIXCDu3sHW3kjUUVFGNhIQw00trkp8Cq9FOOrFie-fg73EefPHiG0Ryq5CNXpKg2qDZF3roleC4jz_9Z-v1IyEQZNsyFUq-p_MTerJCqERYRdHMTKPAa2zHTajeIWVMJqokbqzZCYI4EVnlTyQTuNGU0t_0B2PVAU-DZy0UCrVgU58tqPQ3TO04EznGA8plwaNBcgK-erxlXk7LOWqwC97BFNJwy9TGT0MbE_1FJkC1Mb4vmzMaO8SENoUnEGuOwqr1AGo6uT4tq-lbGRjGrzuUlAUrRqoj0S3jWO42KOu9cGLMknR_4sm4yMfWBdvEd-cjIRnXklcqWugA4dQZzIJYk14nsw2kbI5DTeUXvMAs5UxA5-LBvUUIWht28z3VMgvwyB8En_O-al3&cbvp=2&vis=1
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 230ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: c9568586-d71c-9378-94b1-e6d9b7b774ec

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 52E0 133 B
569 B 266ms
121ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 8710cd4f6502a626e388836dffc39d45860656c1b1cb1f54c4d11c5749d1fce1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=268949b40fb2eedd98f16e23379b79dbc6824b45386e44cf2ff47f9647eaeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 02d525067745206b0e4a8f202222617e196c4dd8343fd00e701c8b72b73a8abf
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: c71a185b-68eb-3dc0-9afd-7b04df913053
Content-Length: 133
x-amz-id-2: kIWJDmFhO68+9XppTeKFyVP7KtktoCqeQjTSpJ5nQbrbLaUTciRtnSL5R6gcX682c1qFWO4zOYcmH8at6aL/euSoTnBIBxXd
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 52E0 0
340 B 52ms
52ms XHR
text/plain 34.255.27.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=85&fver=5.9.26-F36-46-52-54-59-B491&imp=2470412086186791617&plid=2521236318193655889&pvid=3420950686041575681&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1701667100871&stime=1701667103126&etime=1701667103126&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.27.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-27-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 380A 13 KB
10 KB 42ms
42ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6220e6ef65b6a090d2abe4d8fc9b707cfbe92951179610f27079cf76a49e4f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10239
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4E44 0
0 71ms
71ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkanUHGFtZYi_MPiRjuwPrdCegASH9JKQXOjrpun1BMCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgSWAk_QXCNSedeIFWkr_pl-aOvk7G5zJs7yvo0zp7VtWzl9ElhO7lCFAvF3fwYijuNhwRjvOjKoSt0jwi8kX8BWT6NZfyjJUwOL0VpcXFnYaJU9Duh70TzQTZs11p9S4MDvt8to8Kae3vttad6_xEfJWT7dK1QTisW3TPpPPWtrR2zzYF7nVFShFIdntMua86z66PNf5d-yeztx0C0hMADYP3OgpAOG1Vy9l-lW9_H7BofjuYTbm68SMbC70YJQKh74jXGoFqEU85KwVed9dKeatw4aE_4FpYK0XjyeeCfuiVgsRyzonoGVztVmXrtK_sSAy25jRDoq97Danu2RhAwvoscWSJOpcBlAuUkp0fb3HTHtqkqTXVPm4AQBgAbwsPa9yvDjyboBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOljZlsX4g_WCA4AKA_oLAggBgAwB4g0TCMDJxfiD9YIDFfiIgwcdLagHQNAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=k8Bj8xHvmpg&uach_m=%5BUACH%5D&cid=CAQSPADICaaNnw6kcJMlPbtgLfOWe9Fd_iqJs3w6ROQpvFz7YxVFhJZWFxhnZQ-VV8A1vu4EtSLBtv1B3vCCmRgB&tpd=AGWhJmvMJVId59Mo3EZHfxBXhjrLPHFLTqELJRZdLnV1pU04mQbZ4byWNtn1cdwGLa3sACalWyht5Z2wYwEMgxMbOCbCEUv-TEXRNo6QN7IZPZqwpfnifoJ5Li6Ny6E7mxalMhiYoUlwx5gl-ax53x7sRuyI3u7Mevh8wA7GA8FFdP_5hvAepXLBPnPutOBmGhQjn6IPaqSHA0Nl6cMBbubL7z5l-zm7T1XcaTVA5aHOT_RFJv8wF10uz9UvnAhY13nmDvH-1_oJfmvXBUEJVNPY0uEHeojuQTJi3Zu0WZJaWOF0hGNxXmnX5Ke0FpwmxmU9B2MlK56Toju4rOR8FmVBCcJY4rX1t4F2Zd1uFCratKfN6xLKA54K3qqtTFUtz035n6kYfitFZ9gKxGcMgUu6LshgFaje62boHKfww-BG0n4qiqk61G-d_w5Ka8ewEDkMUwvQl0ggUtb6FvCtUDdPM4O1Pwf6lELOftUR2KnaIJ75ZHiwCm7NFrpQk-qQM3UikKOwrum0mqBfLRMgZKFC__Abjdc9xRgXd0Ede5TZa5AxFfJAIsL1NoXN9-haupEsI5Phkyb7n_5ob4U18V9KKOeydoKbK-nfWO_mSL_jbYxQ0AV_rthjq37FybgzHJiSw60tgvEInLucp9ODo4WNPh9zFEUyBS31nRHwruu5za3wel5GIkejMfV_GvhEwrX3UqpIFlDlEMZ_jW97ZdfYS5zfoVvwPOY9lJguJYjq8x_C4hUlIQNbKS_dPJ-V3PTC2IaqvwHy2HeHBJHHtwVvMM9mdoSJ9V7bqv2jSL1nWVZW34TbvfIf09XE&cbvp=2&vis=1
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FA5A 13 KB
10 KB 42ms
42ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62f45bc646ebc22f78e41abd8437b41e5a042d82e9d5c8c22d38eefc9acde92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10332
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 064D 13 KB
10 KB 53ms
52ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dda2ee212c28e13dc8dcc02592c31984d79a093d43587f04072b0e39bd846fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10394
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/ Frame 875C 0
145 B 204ms
51ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/postback?oz_pl=1&di=folkd.com&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&md=1&si=2331256393946538634&gt=ch&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&de=2&dm=728x90&pi=3420950681100687039&pp=2518831497914294538&ti=3420950681100687039&to=3&bt=programmatic&psv=2.113.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3420950681100687039&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3420950681100687039&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Dec 2023 05:18:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.tas.yieldmo.com/2/2.113.0/ Frame 875C 142 KB
46 KB 52ms
52ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/2.113.0/main.js

Requested by

Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3420950681100687039&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3420950681100687039&bt=programmatic&gt=ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

00b811e83a10b7aa4065e927327a2e9c1c4f0519daf98476bcba5679404bcf78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 05:18:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 46294
Expires: Thu, 12 Aug 2055 05:25:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 400F 13 KB
10 KB 43ms
43ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a75dc0ffd04141bcd0992e3fe2a48d4ccbf54192aef19c0385a05af85800b5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10328
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E724 38 KB
13 KB 51ms
51ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 233696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:23:27 GMT
expires: Sat, 30 Nov 2024 12:23:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E712 1 KB
643 B 29ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4233 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756eeafaa80b166bbd005a7e9210305f452e8afb2b4b08de36bd36182c466a77

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 380A 17 KB
6 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 05:18:23 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 226ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: e75441dd-f273-48e7-bab3-22821bbce335

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C930 133 B
569 B 209ms
116ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 35d531fa91623a548b867a831abe0d86225db6d79ea96fd9a4e9ee8be927ed96

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ca602402fdfa9f097df33ea98221a93560e5bec555e5e1ca8563915825163bf6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f967a41624987d2889b5b1fb242a5868e9b8ed5a995f07a7c843339b0f4b0d79
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: fd1c9329-2e6d-6734-a0fb-f0769cf38a4a
Content-Length: 133
x-amz-id-2: s+8mkrpaNf6hwmPtljf4u/wA/dpoaaQqJstgiUc6bBvY0mlae+tHK7VmxrVEQA8JO5+pb9D2PAdY0SanqxTNfCasupnBJB6g
Content-Type: application/x-amz-json-1.1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FA5A 17 KB
6 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 05:18:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60C2 13 KB
5 KB 51ms
51ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 400F 17 KB
6 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 05:18:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 064D 17 KB
6 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 05:18:23 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 216ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: d7008dec-8952-f931-8ae7-eeb3329f0f69

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame DBA4 133 B
569 B 231ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 6b609960d76825c63d1bf24e1a34fb86f6f625109fe2bda4319d029c8a87c22c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=695dd038cc1bef9222a5450f6602700f7a8e158ab4633ad7a8f05aeb83d53569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: fae24853f149eca2e11e513f6897972beb53bb6e04e33b162184ef707e1b2a9c
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: d47ef116-8d1a-9f5e-8999-924964d5348c
Content-Length: 133
x-amz-id-2: arxbCSKV4zwb/5fKK/VK3m9FzHxM2bf36Nj0l5P6Ua7yCduQE2E0CW2AiPQR+/UoBN12ju9FJQV3lJIXwVabS6VM21KyL8Rp
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 245ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: ed8fdbe6-0d57-be16-b068-b8b96dfc5982

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8169 133 B
569 B 190ms
116ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 99fdf4fc45d9aabb0f3c7686a1d71fca9bb4dfcaa404508ec4758c6df166d506

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6eb4841702f7b0d2830ef23a0614df2574895521d06d29240f5e537b4f34e66b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 603c5b978c05d351a777d1dfde07c2fead334141d334daa96444bbbd5b80f423
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: f6e1635b-ebc0-2cfc-ab06-0004500ddaa4
Content-Length: 133
x-amz-id-2: dzDhUO2OKHay9C73OAz94e/e6NM6VpQ2sXjqdYc5lblDKTn4GPFN8tRWIIYvjGPLgwRDmveG1EOJcGhtS27MuYSiWzYfQGMh
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 256ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: c97d4925-a221-6771-949a-2a7a155b6ae2

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4E44 133 B
569 B 168ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 647326da24a38f83b7fbdc6dfee0626232d324770aaa3536148ebaefce24dec2

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=65e9738438e16e350eb52c359feb357ec8e88af2656445fc0824b453e8e3c521
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: a1d6628304accf4fb0cee1b667e9cfdd02d6122e33047000740a629f005d4f60
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: eb2874ae-e1cb-6c67-b6cf-17f172cae9b4
Content-Length: 133
x-amz-id-2: mglA/YxK6L4rynr75lfhJRRhaQ9WRCgJ2vqIRcCrSmaSxVUE4hK0x3afsGS/Rxf0jSIAvzzjnM9cUrqPRnEVVAcQxonAZrbn
Content-Type: application/x-amz-json-1.1

GET
H2 200 dpixel
cms.quantserve.com/ Frame E712 35 B
210 B 31ms
30ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOTM0jG7fKuy7iCCfWa_WOc&google_cver=1&google_push=AXcoOmR5TwFsE-XT95GaIAlR43w4sD3TsK1BUXDh-RxKABJ7nrBc7A1wS_G0HJ0qvwCBw27SXN4BvIOYHKGXMTE2f0bVGzlxBlzu

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPSLyiSo3UTTIZeyBFO46W8&google_cver=1&google_push=AXcoOmTvrs7P6dCA6UOpl1FsITrXUWDJMza1aZprBkeOKo9D4PTC_4wZGGQC1t7SLZ7tgNZDP_IwDu2sFaG6PR30aH57A0urnh38
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=860098435345&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQIF-...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQIF-TCU68NfvFYgQr1IQo6cixkBRRth5zqLylQTMRAg4zz7_ssNdbNKtOnMVHQbfLeyLgu9tCZT9C1...

170 B
188 B

61ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQIF-TCU68NfvFYgQr1IQo6cixkBRRth5zqLylQTMRAg4zz7_ssNdbNKtOnMVHQbfLeyLgu9tCZT9C16ioGgxliW8FoWl_y

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-LasYIXDhMLLa5_SEKsBnluC8SwbH5k2Ed_avMw&google_push=AXcoOmQIF-TCU68NfvFYgQr1IQo6cixkBRRth5zqLylQTMRAg4zz7_ssNdbNKtOnMVHQbfLeyLgu9tCZT9C16ioGgxliW8FoWl_y
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 574592
content-length: 0
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSWSrzbb9pvUY8F51hct...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSWSrzbb9pvUY8F51hctXZLt78vdA7M1EpwQjWSW7sN36XOauARNyVimRghFcoV4LrhfKy6IbxswCKyV9YsWOSd5AN_YSLg&google_hm=AyfTXU24ak-VnNQ_62z-ViY

170 B
188 B

62ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSWSrzbb9pvUY8F51hctXZLt78vdA7M1EpwQjWSW7sN36XOauARNyVimRghFcoV4LrhfKy6IbxswCKyV9YsWOSd5AN_YSLg&google_hm=AyfTXU24ak-VnNQ_62z-ViY

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSWSrzbb9pvUY8F51hctXZLt78vdA7M1EpwQjWSW7sN36XOauARNyVimRghFcoV4LrhfKy6IbxswCKyV9YsWOSd5AN_YSLg&google_hm=AyfTXU24ak-VnNQ_62z-ViY
date: Mon, 04 Dec 2023 05:18:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX27d35d4db86a4f959cd43feb6cfe5626003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmR0HwNmw0OlfTSN4iSoLPB1TDb-E6z6ka-uJbQnN8j8s6KOxrl6qHL03trjcGYYNi0VYbdPVajdkij5Wa5eNJta2OwN2fZp
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmR0HwNmw0OlfTSN4iSoLPB1TDb-E6z6ka-uJbQnN8j8s6KOxrl6...

170 B
188 B

62ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmR0HwNmw0OlfTSN4iSoLPB1TDb-E6z6ka-uJbQnN8j8s6KOxrl6qHL03trjcGYYNi0VYbdPVajdkij5Wa5eNJta2OwN2fZp

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmR0HwNmw0OlfTSN4iSoLPB1TDb-E6z6ka-uJbQnN8j8s6KOxrl6qHL03trjcGYYNi0VYbdPVajdkij5Wa5eNJta2OwN2fZp
date: Mon, 04 Dec 2023 05:18:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E712
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJSjrTTO_buI4BguiZdSF74&google_cver=1&google_push=AXcoOmR4oQaCRvFH_g2Tp0kCKR6Fov0uwXi_7n7io4pplapSgDga5IQTe91boWoAnEFBwCldJYu1FfCWEjSzpQ9rVKxTKzFkaME
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR4oQaCRvFH_g2Tp0kCKR6Fov0...

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR4oQaCRvFH_g2Tp0kCKR6Fov0uwXi_7n7io4pplapSgDga5IQTe91boWoAnEFBwCldJYu1FfCWEjSzpQ9rVKxTKzFkaME&gdpr=&gdpr_consent=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:23 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&mn_hm=MzQ0NjY4NzAyODI4NzM5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR4oQaCRvFH_g2Tp0kCKR6Fov0uwXi_7n7io4pplapSgDga5IQTe91boWoAnEFBwCldJYu1FfCWEjSzpQ9rVKxTKzFkaME&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 04 Dec 2023 05:18:23 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame E712 0
34 B 31ms
31ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmQCfN1RUcXxK4wEyMt0rDVgIAmCh_XaCDnqXnddyY1NiMEA_ZsFJYkvkNthcdJWnG6MiRGJa48VyihUnMtPMevShWFmpoK0mA
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E712 0
12 B 60ms
60ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JG5mHx3eC4LE_k3iozN8YhLX1jVnZdy0uY70Kg1E_7VkeC9Ky60K5UQkczvL08d4v8LNEFww

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E724 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1037 13 KB
5 KB 51ms
50ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 60C2 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/ Frame 875C 0
145 B 69ms
50ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/postback?oz_pl=1&di=folkd.com&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&md=1&si=2331256393946538634&gt=ch&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&de=2&dm=728x90&pi=3420950681100687039&pp=2518831497914294538&ti=3420950681100687039&to=3&bt=programmatic&psv=2.113.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3420950681100687039&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3420950681100687039&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Dec 2023 05:18:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/ Frame 875C 0
145 B 118ms
51ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/postback?di=folkd.com&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&md=1&si=2331256393946538634&gt=ch&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&de=2&dm=728x90&pi=3420950681100687039&pp=2518831497914294538&ti=3420950681100687039&to=3&bt=programmatic&sid=AmiMw_EREAH2vpSz&oz_sc=d7e0485162c2bf4af7bc79be&oz_df=1701667103322&oz_l=4875&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.113.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Dec 2023 05:18:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E806 13 KB
5 KB 51ms
51ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBE0 13 KB
5 KB 51ms
50ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BEB 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK eb9912ab-f954-416a-9abe-71a3dbc74918
https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/ Frame 875C 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/eb9912ab-f954-416a-9abe-71a3dbc74918
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2372b5746a7c8eccffeb32c5d71f2c714dec6d99d8de3aa13822559bef90461

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 817
Content-Type

GET
BLOB 200
OK b214d79c-b8c9-4f43-9ada-0f667e343df5
https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/ Frame E0FD 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/b214d79c-b8c9-4f43-9ada-0f667e343df5
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 24ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=13dbd6d9-7ec6-465b-9bf6-6f2e20908649&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 1895109
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A58A9C44F6F54F0D80E9B6C865148925&RedC=c.clarity.ms&MXFR=0DA29F0338176F2022B58CDE3C176157
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A58A9C44F6F54F0D80E9B6C865148925&MUID=1717007350EE68083C9D13AE519E696E

42 B
442 B

51ms
50ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A58A9C44F6F54F0D80E9B6C865148925&MUID=1717007350EE68083C9D13AE519E696E
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:22 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8E1A52E8132949B8ADA23CEA95B4F388 Ref B: ZRHEDGE1517 Ref C: 2023-12-04T05:18:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A58A9C44F6F54F0D80E9B6C865148925&MUID=1717007350EE68083C9D13AE519E696E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 51ms
51ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

378f15cfe0efbf3aab757fe58fb2fe2f0e6846befb6eed058dd51e8d00337435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12513
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1037 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E806 39 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BBE0 39 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BEB 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 187ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: f6188b4a-bc9d-931d-abff-e815dc367489

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 119ms
118ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: f9ea70640bd2e9597c3216379efc05643392affd822e291e783f584ccf565944

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=142f54ac49e3bf0d9b5cb740a60ac7abd79168fbe603735608419f8cd17e97ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 75817fafbfa13d5ce75f4dee9f5b2ac6a39cfa7804b33c74789ab3f1a2d08e88
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: d7bfd416-5fab-f6d9-8a58-b7493f00114d
Content-Length: 133
x-amz-id-2: 1XEKc/Wf0NhhrEGEsTYam3bHrFiy7VEgaaAQm9NWvwewX76eqdZl46Y0vQqwDHhXQBVnVveQ7OB0djBYU3lCMxCUTBUehUqK
Content-Type: application/x-amz-json-1.1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 05:18:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E724 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6w78HmFtZZi1C_DNjuwPjaCJEAAAAAA4AeAEAg&bg=!QEOlQwzNAAY3kmNgF5I7ADQBe5WfOClmp81jleFBGyEOl4BO4HOMCc8DrbNX_B9_aurYzq7t2dpgiAo34MzRzq2H1zUtAgAAALNSAAAAA2gBB5kDAJWMjvb3RVzE6pAoAsLsVoW-mcup7YmXS-n6zO4o5DLwaNg0XgF09_JMeHh7CS54ZHTSQUC3dn8gsR_ODb9tB-2ni7r3P2V9a6kG4Q4A2trcvpbDMKndXNi7rEOJ4K3sMyH_qQ3yeXHmIPF0Xu52dfTIk202OnXpCKpwXNdOFC8kh0fKDRRmgwFvmJ8Bs4MgjTRzSZ_0YCE966eyzIquM5ohVWtvg5rkxmjTNTYsBp4THbi88ylsUR61IDLE27DWrq8aAw4p336QnsFgRrVvTgHMXbocU6TPjtaPIoI2fTuAX_v0N8QmpYPxdQZR2ep-5uYaYZhWxF82cs0BuqtLH8H-nvIn6xoO9OshcichBRqpoJnswKP5ksnRe17y3WrdIOmipz_uX0jhDURcSOE-aKkf3ti20sa-tGJ1YxJNK5mFm4cdthwFSINJDAzspgQ2y1977H27g5FcCQHLg5K7byc9ZrGYqMprXbrxz6ma-KZE-8CbOzqt4HuC_SOe9O9qKIuGSxzVy382sYhnekNVOI9eocNZO1V83YjOw0AQb5yqwRJR2QVdwEksruVn3LcSs26bQ9OPiiFOjKMii80RvlKm6ScCYT90ozkAx7gkKpVJ2U9tdDEnK2-alyndt5yMm8yiROMu309OlsjswJ1f4DwfdLPhbUTJAEPUdsV-BQYGT9iqmf0ZDH1DzMV89srSCpg1rkNrQBnCV0mg5ypEzbqrv0FNrLdlBT5N6FE2eHf_bBCxvvDu2iMzTKrF_szYB7z7Pbq4UsdqhJZUxPWcWZctFZfNU_fA9GC0skLZQqDotReOoU0Gv_fbDuKs_nsGf6bZs_1Vyw5CINww8loztLz1ebqJO71XUFbKcIKVimobro1Q2pNN3EE78EexcIMH57jn7IFs6yZvb36mtFtU88x_4weNOz4s63KxxKdh6Wwt9rjZLF9yrQomxiSh5XchGm-x2inaMb8vzWmHtAZxTaufvBdFpLJpiIGXgnd04kG3Kfu621oc5DB3nIZ9BrQoPA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9344 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CPPMqPiD9YIDFXlmFQgd5nYK-g&bg=!IyClIG_NAAY3kmNgF5I7ADQBe5WfOHcyRqiR3PcS4xTU5Ei5rJ-9E91Iw82hAlr5O4vx2D2RiPbre8-wq-tGgHuzkX7KAgAAAJdSAAAAAWgBB5kDE7QqTS9US5x8H0P1yUBRk_1nl41ojFTlKXZXNUc6Uz8ZvI7T1WS6bTWv50-Dr8DVmyb4wkCdxj5NGhplk4wgdRJ8RUAxh3e6CAr0fFuO0_zMRZwat1dJ6upsCFzQ0AOWTMe09uk9V4Ei2I_IN3z0IpmcYiImiQmhAQzRq0mXkyy6SAIRMh2q29tbZqzUlFC_3zSQ-nCDpivFak8nnS8nZhrgB1LdHRAouDSG8zugrgcGoMUibuNsMeMkymZPZZxIIsTinx6xRG7QYrL3Gt7TseYYb01Mhj_k8cglwoqa_r7Z6fk0rMnquNK_hyogofUqCWGgBcPncfI4Qwj-ztNytjc4Shd8_gAnq4Tb4hkBZvUwmja8M7-yPkc3Jiug54wSbyJD7xPQ-VZdlYwkmj2mdNvtF70vhV6iRmsCMgce1-6_VibbSyTEIUxJZD3z1Ux2tOrqHz1k_ctv2MRAWfb_w2YmupUdlE21e1bIzC33bqwasV8Ive-W2F7WOFB8OUqdcOup9ddym-HvbhiI5jC8ez6q5Or4KA3jMK5zq7lfI18IRTxxtHkotobxaoD1Wh0dP9YhfmCYEIlAPV7IPR6x43IP58T7KlppP7jWHbz8UsDQjYpImzP2MNjZEsbpP0ameTomNv7d3bFrHr4ArzF7SXhEXP2_m9IfD44kwuXHeEPqLsl0VFlaQqMnCqv2J7yiQyHPJPNttzxA-0tjU1-_CGMiQoAkG96k8yd6SJFBAhZqz37V5dU9hzhRRMeOG5oZt8NAzQnynOaBRWHauYPPVCME4sNzHbw2Czj8U5PiRz-wpR7XUfA1sgbEmHZUB1qKbTmtOcLGOaJJeM6uL6HTlUn5D3MgijQ-0jbL2mMXJgDCv5Y9G3ZeWp5peUyE4qssuGJ_uCMXJssc4KqfqYhQ_E7m65kLtTqmy6fjMpuPw-0iz0EHJzKwnrAOqGAL7w7hCt8cDrb9aPmNJvlNmKAYyuvG2acfJEe0anrLwXqagrl1BwwcG5SdweDV5AmaSQYYGPhFupQCO9LKg3vIZPS4DxLLjY8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/ Frame 875C 0
145 B 102ms
102ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.113.0/518423/AmiMw_EREAH2vpSz/postback?di=folkd.com&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&md=1&si=2331256393946538634&gt=ch&pv=4e9ca87e-5fcc-4fb3-a8b2-0d801da61695&de=2&dm=728x90&pi=3420950681100687039&pp=2518831497914294538&ti=3420950681100687039&to=3&bt=programmatic&sid=AmiMw_EREAH2vpSz&oz_sc=d7e0485162c2bf4af7bc79be&oz_df=1701667103590&oz_l=12302&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.113.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Dec 2023 05:18:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 117ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: e8cee5a22f055d054992c663926f15e185768509764ae08a470be4ae2835d861

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=60d3d8cadf399a0db39a7866f64a2af9698d2c0d208a06d5e371e8f4163cec40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2f67b528394daf7aaa8e88458f9a4bdafaf62745288b64006d3477a44c053373
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: ec799c2b-eda7-f576-b19e-ff745addf8e5
Content-Length: 133
x-amz-id-2: 9IgcQxy2nmG2pPSxA7VTxSsB5VVu2pRV/yi5BjGPCcWS9/VMSy5llWV8tfL63wvobYcVhBMrm3RnyNQsZL4S9c0g0TVp7pJt
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 133ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: feda4b9c-fc6e-c232-a33d-28c34b14cfa1

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD2B 13 KB
5 KB 52ms
51ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BF8 829 B
557 B 40ms
40ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f18275049daa1832b33c32fc9aa5712e9b92687aa886501265f9fe5a68a7fee9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gq0B26c2ykVlmxH0hFe36A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gq0B26c2ykVlmxH0hFe36A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:23 GMT
expires: Mon, 04 Dec 2023 05:18:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 380A 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CLy4y_iD9YIDFfSVUAYdbxoHrA&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOAjq8qdf2aivHqcK7LpeDjD4yHkUbPzgYvVL7e3RcFdbMRurVbWFwxpnpw00NJpoAgAAAIBSAAAAAWgBB5kDDpMo-TRMHCfWomS7giWKs04sdjYTEKylT9k0-qyLjxyplpiBlhfvnDWdmg2t6AuVDxrqa0HG8jPxlXYfW8VFtK8rTisevfakp7v0_zciLx55Jfgp6Z801pMmaqQg_BaUBOrX9Z3-v5ffPIzwLNBqfJiPw2w1gQYB2s4uFAz2vIxvaSiGK-tbTWCRWqxkWpxCeIpj6kx28seTTkC_gRKfalgBIMShYBOgX1dsDGbHMkjEQFmSlND97KegYAocFqLYbZZqswcyKiQZ0dDU-Uzh_KdpccC_Cbci6FBNq5awHjzpBedBOwuMJbchY2Q3HknTPbC7gQKIecsUJpUBAQ0lwWrdm_-vgauCHjr1wNPS2VlvCazC6pzoCGL6JYSGwVoETe4P9hjaWrBiukeyPRXVIZ_avCtC9buBMVaWq4f20wpxrviRXlBnC4lWII6J7Ggg-TG9zuqe0LPUnc6RMjso2dR0MyDH05qTKvwkgI1ou8mclvpPU2N6NcshkT97AcNp-6GuMKkLhYvGHfhyk8mmO8jA6o9TfjuCvJcw7i6OH-phZweuUEcZo5qZPAbv7eSrQ33z2LxWN0JW-FePLgmDhmeOYRFRp4drViM2jVfZCsXkUYs88ckzroIqqxIETl0sH77jXYQPKVLqOA8LwYn4Ftcr_c9ozDWk489OI_cpba_sPhEaanFZemc1xsvdGJWKYtCZAitoS0rkcL9yUWRReSwwYlFMWPd5_GOMXPWn3RLt9nWYl1LqJnvINQlgfKOQeE-eVWzcK0mlVdtJscPFMTHTGH6EgFhzg2k3DSba36kQIDSlXbKxKp-Y_dFdYaZhlth7itcjbkOt1e6XXAfHG66eKCIJ6-fkUlbiUU5TrVgOkjl5S1nmB7-MdXS2Sew3UoH4TCOWIYsxo6YaeXHdHeRhubz0zM2A1JO1SBHo5vrH02JZsF42-46ezkjDchSy1Qe48DU02EtFLACRWLR9NNqQ8lcOx28KNCOfF7jubuRA4mQAuQ1gMbjCPb-pUE1kzBAWL3OIRqwuZbuMPR1T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA5A 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CJ3by_iD9YIDFc2JUAYduC4CHw&bg=!v7ylvPPNAAY3kmNgF5I7ADQBe5WfOAW9OcFmcVj0_VM8u5jqSjeYmnXQs1XFP7HjYuUxLmtPkWqZKTQtXqz6dYTI5-QjAgAAAG5SAAAAAWgBB5kDGRgmPTewxQpk_RhR-G_bo1NmH2OqPaSaN8JAxDBEnbzePQZKJy-8DJuU9pDrQkX2rr7lUJukMP63sy4ZXvDVIlfU3uo0Lt6-QQfN3k7T1laRJACIHxWFDA9asB-gSgXxDyhqkAZqeRX0r4UoanIhZeYVuIfnhu57xj56-0SM0GXg3rYtG_Kj0lG7UzKwIX2gbz0K6epFLrMn_TVaRhMI0AnKxBxyrgGm8-oeLfOd4_HjO3t8V6MgQSoqc8bUb3NRpK64R0X4-vVBZDYBfVj87Gt-xPfYCTPmn8PMHkqce5yRrbly0bw4gR9cMQj0CEXowuVC-71R0mUf6CPn3HcnHkqrx0GSXdmpDOWN2oe6zyy2G2Vow6CQQfCPJzrYeP_DscsulIpnevXKbD_XHav3odyVFkerv6GDKspjVGdCaXSQVaITQ18cASOFi-WbnhgabfZlCd9H3btOzEXv__x6AgpxMFwBU6sTLNdj2KOceKvnaMjflZtJ9tADdKey4a4x3LB12XzBZa6XDLHNvJq6ultB8o9iyLTS_CeqTZH-fwN5qJDqZAuRQVxR6vgYXlslzJmTeD8Lc5IV4wCzKSvT5UfofX2SQDVhKA-lL3sAAJGk1X7e2SRcPx5Lym4t6syzkHxwpXI4CfDJXx_EnwjekMycOXrh82s5aDtq_e6Lop9WBNnhHU1MMmPqDchtWf-XbLkGuC_hr--liVx4ZZn7I2ZwyT5rp-g6csaLQzHMH-hoGw1uCIG4UD1Y4yIJ4UDXmuWnLG03H33RpxAUoIxNJOqpKhEbQysUw7Q9ckNHmlLRHlfwfgwWiSkWaKsZWOBaUZoTc00ChCxJhra8ozIXU41CPuOKlOnIBNgiYNTQyrbJUXExOnTQygTe2NBcIgsj8U_1LvjPnX5Qq4ri5cF_uPBVJpf2HyVsrBzxWNzCWr96B2GiG7Cl-yala5ASgpmmA1NpztBlhuj5U9nvYhS3bPMSIpTE87g3jr1vq4jy9Jc11OSzYGe8KlwtMtpjbCyyLQ2Z7NZr4OipTuB1279r8MVy24_K70egHLA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7BF8 0
0 62ms
62ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311300101&jk=2397939183335830&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 064D 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CKqLzPiD9YIDFRBsFQgdBJIG2g&bg=!5-Sl5KvNAAY3kmNgF5I7ADQBe5WfOA_h7RcAVfDAy-VPl5akkARn8GDDQMy2Q4Gb5U-CaHfxGzlx6pxL-pe5CATUztRwAgAAAG1SAAAAA2gBB5kDHo1tvFUOFgEyX8KDdROK0kk32ukoNoIFyGo56GgwnwDhdqAKowOelO2pr_q_0qKt9vx3C3S_3JyELIKveRHrleJPBLEaEExleXml-xmaRC_RiO1QQrKlbU7qdPq4F0kGoIYmojQe5T0iphFqhSTgER1kq6E27sQVpvjwq5T2gbfhwKzU-PzQsx0xzMGZzbEFk41NrVdW1pObu9dhi2lAK7gEnTBM3W-o5F525Si2Jy1Gs5wT3zUKlLAVS7srPMAdvHZJ1ymu_vLmqahJkS5z4kn9xb_sY3E1G3ZgAYBLbLZ2-XbMhYj20FahmkMrFNyK2MmiIEy9WabfHbs7qvqSWA_ejvyg_pvFZfixZjt4varjIwSj-qMcD-cCcU1zLTMB-m5zb-TVJxHdmXrjapEf6Z_sRnqTZQsj7mFmqlJWyviR00GhFQ5MwutO5fgdFR8eB1rMTNvU6iMA9KV-K0YTqKsOI_4gUGzP2BX9osHzlTz5VsUUm3zGf6-feomWQQPjqdMrWRWJm5trTVOlYhaqxh3LxoyxYKVMDM2rRrNuw5osYIJQd99Yca9wB2YENGGFNmF4Ah-YiGwKXrTe6GnmVl3ETxUOX8wfPm_GdAHL2kNxWYhEr9DJo83ga0OACY8YJgXJFbnBI-NKKTbk8nKC589901CtszMgKviB9_PhL9oUGjqILHe2cPJBeYF6YTfcOMLWuqOihlWmPg78JYjDWnX2WhUp0pE6b9UScHnztyZgL2uSdfrpH_p_XR-vET8C-O5fPWpUTPixk2zgbjnftlLT9hYWEyZbfgrRDiY8XDyFOjuvVwe2DAtpFoDsVALTrCe5gDVAlpk-m0eqdAu9xuG8NBWoyq6B5hzpiGV2gFdt4QMyyp-YQ8FO6U-Jr5WbZdbvW2JmlonKbYDVELICg9MQ5ak_U6cngkcbkLgB57gVvJPbiAo4SS4q0Jy2pJze8EmOEgpcbyWU-Jn2SSsbSIIQwr1tJ-yd3ivgVZnZ67CUJ0NeADvu5T_bWKJYiapj6YghvhOPqF3RCmHJnDJMc_24rQ52abLNYNuLHi0r_Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FD2B 39 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 400F 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CK2CzPiD9YIDFZBZFQgdkQcJIw&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOOtMLWaCClS3bWaMbgGZ6THW0UI0s51AmaEjGw8GzUwfykN6WwbS3-nPlt25WNEfAgAAAGNSAAAAAWgBB5kDG4OR9X-V6exVc6T_6K43dfY9Q03cwlE4Xc3RpYY0RUr3ClxvHnxEM8LgTdAH5-ojCIx6iy_9xiJwC7R0DFPUi7PkIXpFIiquDtj5jfZv6m9c80-e6m7wz1XYz-aT1azJ8jgGlhAIpHmv7uJ863VpO-Lfx6CjMKvi3oV0_23ofg-X3e1FfEsWHPfdiu1RjU2RY1L6QyitVDj83Sxy1B57NPfr5xHXbsYh6c-aFL4dT7V33SjRX3gf0FNihfNFtplhn0nBsXVjJuV8is1AYHzdGpBHTu-BvAgqXlQyV68l8IZU91674p4zOghHCpIDsd3H2mT9B2B98n4XE8wx9PsHngYG1ua0qxgsZR7uTEsajD75Dd9rAkRYmcVvi-6oJDJtgHI6QXoJB-bBRxWnkfIIjpI-nbgKJn8PdTaj6b3bX4DVfAXWG7tsSzSwUiUveYyyC1O8UvACRuiiCGN99SoM4N6zY6039E3waA7tEgEFZSvYMWkiexKAWgDABxre9eG74CrNRiBiXUNFYiZc-78k3_Ya5DMKOjHj8G3yVvaL8ZEGDAHibJO0wyye5lXsfXlxXqRNYhjMDm8qLpExRiOWepMz0sgKN3uHHxh0lUzoTgMFvx_WGO1g6-k_SXWvh6uMax-YLouZXkWRTBI3U-GlYWCwWhZZ5Ci8rq-wmD_bOMKVJQJBD_u-dMt4BrvlZPyU-l1V5Z7ES7SRVrrSuzqfVTnYryQT1uxilIbMgXdNfuqcx8CT6YaZUlePP0D9IxQKbGHcmMSChQxGVrrCDm95jrXGFqKs0NpRNZUcNDObNaILmyyarBKW5LasVOofkU-R77iwxHT2hmYXp6VnKWOO8g87V5J7ZnL-vOz5y3LdMv2H7s4nugPd3piopQ64jfR1AMZPqf_eC0-1SmV3Tbmio_GUycDMQxEL62_ZFZBXQTPoq8T25uqKwdJ7FlG6di8u7UZ-xnOsUk7uUfK_Brx0iiwiBSIFl4PaiXHbtZ9RC9OTJpkYMUamNGvhB9OOqnSTVKwbBHP3lBL_0PUBALVxusfTOO4vuEo3vOOEDA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E624 133 B
569 B 118ms
117ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: 58de2bd932bf316694dec245a08c45a84e4d5caf95c6bd993a6285d28d5845d9

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=765293fc14be6c2f37b9608b958c36a8f3aca2ee393f7b7a75d22b2bafad96d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: d39f75e7280da0382590d2d9ee24c8ea99729491ac24014f1466b25400f59c92
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051823Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: e5281734-cd21-9186-b8cf-746b5e201455
Content-Length: 133
x-amz-id-2: YKwyeOUU6EaQi6aefA25PLPCsO2bvBfrkxhtRaCPW9T4mH/exQG7+uKU3LHon5kYM3ExsvUn99gO21wDGSso8vhqDme5w06v
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 111ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:23 GMT
x-amzn-RequestId: d443ee33-2a4b-06b8-89a4-8d6cb94a836b

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD2B 0
10 B 50ms
50ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SChxSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4233 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9596596616174&version=m202309260101&ct=77&x=1&cor=9273640875439356000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311300101&jk=2397939183335830&bg=!IyClIG_NAAY3kmNgF5I7ADQBe5WfOD3U56VW_T_n0v7tvD5PcIRaaciWIGSLABCNZNIfUHmimIILpjrt-kRZ6C2FY5VoAgAAADNSAAAAAmgBBwoAVXW5tntNQD9a_le8okSnPWD81bOTOZXo7fFXOdIq7JQAjIACbOjfeGdKQgzrVnQ3zUQICLVzuCH2A1uiyzXOG3Y0ZR8G0pWLjDXv_JxgsPalUzCxC7aZAry88KrmoFs2rY9FmuPSjY75ukyMVNny99S-fBr3hqLIw-L_WFQcyMSZwCIBVRW4QZCsst98wh8wPN-y3eXrT8TzAjbxPHmCbduua95Rb4ri2qkPDzasOF3imCB9p8a1XzOtai7Qr_EXzt9pQPVkiu5efJ4UAhBzv4ZePOuMcznlSt147wNQlhUwCCbnf9RPa8Ha5JdqAnO46xax5RgUFlQRPEY1UUnhQmfFiMxcum_eoMae1H1-6gC2GUbg0JbO-FMvqQiCQDyc6xaTVLvpALMMETtYqiPf7i6MpcRGJPY9eVAQfxUjpcRmJOeg8Sldp2F1E7CfxbdFnzmK5eS7OafyvD5kqLfH0KmYihRFij8Bf1TVrHcpLCfQtDuuFT-Pp9jU69lIY1UXHqCGe3MQR4rymj62vfdrm-xQkPd6vA_yuM0eAZsBUpSQWvyDwWZ6-NMo4KR4saKK2kLFWyhyJShB76eqgw998PdIRgTet9I6Vh74KAywDzdf7AwctEuoNG1Y9uJDcSmfi3cRygPpq6bBxNgfLjnSsHk1aSRIzVOsNspGf8r-TZKNzese245o2Ee7LSPMFFMbXWbSttyJ5FHk7js8PQvz8OjI9p3jxDD4Vfw9jIevlCZveafT3lHMApPUErCQWk4y9KVcIQ7tXWGq4W_MeL8LTQQL3PEhZKsqs2oFp6zkL-8E4Jz3Ii9OPY8pEP05V9VwX_17-wHzySV0EPhU-rZkkyVgkmVjEVTGv7ooVPtDoQmoqOn6RqSQgl14gQH8rz-3FlhErKB4jLvNqeCsQ-g_7I0CqiMzQGlSa-GCEzeCetn4kF9egLAovpFFfILmj-wVjf4F5ux1454v3tsYn5k_l214J49v94dK9xAzR9cF8hnrewI0MLq81EGBVGryWLlfpiVjiijsNJTU6yw80_Q52gKr7C1v
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 368ms
368ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2397939183335830&correlator=3368909976270371&eid=31079240%2C31079874%2C31079525&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Db384fbe27bbbdf98%3AT%3D1701667100%3ART%3D1701667100%3AS%3DALNI_MZNT-MDBe-gtaUkV4u1VPJfGitZmQ&gpic=UID%3D00000d031a52acc8%3AT%3D1701667100%3ART%3D1701667100%3AS%3DALNI_MbBjf48Si_Pemm8lEolpg1vkvA02w&abxe=1&dt=1701667104564&lmt=1701667104&adxs=1140&adys=464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&ga_vid=1291839822.1701667099&ga_sid=1701667100&ga_hid=1340743998&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj6qo2awzFIABI7CgpwdWJjaWQub3JnEiRjNmRkM2FjZC1iYmY5LTRhZTYtOWYyMS0yNmE0ZTIwOTcwNDYY3qiNmsMxSAASHQoOZXNwLmNyaXRlby5jb20YtaiNmsMxSABSAghkEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3BlSkk1elRUZTF5dnR1ajRqVGpyVzNQYjJTNTg0ejh0dHpkaHFRQ2orTlVjV0pqMVVvdDVHb1doOTE2amhsUmtuMFB3WDVkQUx6d2U0cEZnTmpJYy9PbmVnOUlYWWRLMjM4cjY3MWZhZFFOUT09GNiwjZrDMUgAEhQKBW9wZW54GIurjZrDMUgAUgIIbxIZCgp1aWRhcGkuY29tGLWojZrDMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YiaqNmsMxSABSAghq&dlt=1701667098547&idt=69&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D5__notchrome%26browser_hour_refresh%3Dundefined_5_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=663577002&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

539e7d179bcf2ca0d3d00f5ffac5c84affa7e6601f05e2c2b268fb689bb5ec8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12011
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1779 6 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:19 GMT
expires: Tue, 03 Dec 2024 05:18:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A8D5 611 B
263 B 50ms
49ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQ7crM8gIYz5L7_gEwAQ&v=APEucNVS2UYkrVZyU3gGIWRKyP5irGcpbsxI31IMl71i2PlVLHGMMlZ46mlNpSY-XgJ3UWhNahHoG98K00E7Rdr2G9rIU0TzPA

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 05:18:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1779 89 KB
31 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1779 42 B
63 B 63ms
62ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AA9ufCARe9hg8KmDvwhrcY6L-RABUl9pGBh0f5FibgSU2HhKplU2LWegr13yMG6wfICgZkN6hMhzdAZ_l9WUliMKi0Oz5F54YJ0HyG7SIkAdg5oDE

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1779 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10929920802502397643&x=1&ct=119

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1779 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1779 20 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1779 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXzia0OQ3cycGt2_51f4B01vWAFLXkpjUggPoSA_uc4KDyLjtf8ikE_6-BgJzcFMM-I8Du9DxYMpNdexmDR0L_Zp-1tw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1779 202 KB
64 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 05:18:25 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 1779 68 B
243 B 52ms
51ms Image
image/png 51.20.47.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31hgpk6q85&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkY18xXzFfYWQifX0%3D&cb=2166824&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.47.97 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-47-97.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A8D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELCA86TvsbTzebKvpeKifPg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELCA86TvsbTzebKvpeKifPg%26google_cver%3D1

43 B
901 B

36ms
35ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELCA86TvsbTzebKvpeKifPg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQ7crM8gIYz5L7_gEwAQ&v=APEucNVS2UYkrVZyU3gGIWRKyP5irGcpbsxI31IMl71i2PlVLHGMMlZ46mlNpSY-XgJ3UWhNahHoG98K00E7Rdr2G9rIU0TzPA

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
an-x-request-uuid: 541b822b-f98d-43a6-8e68-cb51054a1025
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.195.71.217; 185.195.71.217; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
an-x-request-uuid: a1c7c5e3-4f0d-49b3-adad-36975a8936a6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELCA86TvsbTzebKvpeKifPg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.195.71.217; 185.195.71.217; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8D5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4OTY3ODMyODM1OTY5MDY0Ng%3D%3D

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4OTY3ODMyODM1OTY5MDY0Ng%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
an-x-request-uuid: 3e2cca5c-af38-415b-a021-fe54c00a1838
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4OTY3ODMyODM1OTY5MDY0Ng%3D%3D
x-proxy-origin: 185.195.71.217; 185.195.71.217; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame A8D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1

43 B
61 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COi0mwIQ7crM8gIYz5L7_gEwAQ&v=APEucNVS2UYkrVZyU3gGIWRKyP5irGcpbsxI31IMl71i2PlVLHGMMlZ46mlNpSY-XgJ3UWhNahHoG98K00E7Rdr2G9rIU0TzPA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHV84p4_ZN4q99PiDT2VCr4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A8D5
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZhNDdhMWItZWYyYy02ZTdkLTQ5ZmItZDQ3MThiOGI3ZjQ0

170 B
188 B

61ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZhNDdhMWItZWYyYy02ZTdkLTQ5ZmItZDQ3MThiOGI3ZjQ0

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 05:18:25 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZhNDdhMWItZWYyYy02ZTdkLTQ5ZmItZDQ3MThiOGI3ZjQ0
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1779 0
20 B 63ms
62ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2230418943316&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1779 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2230418943316&version=m202309260101&ct=119&x=1&cor=10929920802502398000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1779 91 KB
38 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUvmq_dcVE4E14Tf3JI1OxBewKh9VWE2DTJPWrJ-zj8zFl9a4kN3uJN8y89GXtt4cHpH4WGSoc4jeMcMOK0FD7rAGmkA2JojcitqwuIXeKbE2FxKnpcwE9jFeiUuk0mQwdkE9NYGv8a87IZRPGkltYswNWbPxsSzxjp39PYbBGphUeDnuWb_1P-AFH0m98yGaWC6Z6&cry=1&dbm_d=AKAmf-Cnubro83xJdGTSngv3fd0-DntKE-mqGAnkOgN1fbKExZPQfxAUESOvxHyG-Syc6OZDbg0FcOxMwdaRkt1ctssFmp3kxzatepxrokobkMwDPrCIzB0ecwTXA2pIp_Apy1s1lxC5Oo3eFCkZIRepA6XPJQbXMAQTFidX1TKDmE0UZsixsU1jX04F73D_U_2W9ywpCK8fIHLXMFp0FZ4agPvEdmtQ4tqKus2yn3fqtqZIABR1A-1ivzJhzf9ZL051ycijA1_KNWoK9zT7s50AoQ8UFX2irWpa9gGn6xfFrS4e6XYR1N8eBlSEW7twfwx_ZcIaitX8uDeVi_PXlKbJ7SfvvmI99en4DcrNpzdafUpmlVgarEF_DCQyoZ5EVpgit18ugPy2tgxMYXN_015z3cR-q_m6pergYF3EvP24wdAjBShXC31C9fD_oenMPt-Vfau0oftd4ivyGnT9YIpfDQt27LjlW2C8hFnsvSt6Nry8QSJDYZ9CGryu_kTt9Ts7XebK8dZqjunlqPOJQtPYzo-k9XrX0uWQJF5hhE-7S3WrhmcNhf7fNeN7zI0ED1dLGGt_GMMIr-X86rmoOOmMqO36gCPaLQ4wNBYKwc-WMuRleOM8MoG3ez8efX78wkH3yauukick-vay7gzY_sj_BTXvnc_N636S5ZHeFc7aD94Ywd1ns0kdJ5cZPHKMf4p3gF5MfKJVQGp1pdbuv_fFq6ObkG4OjxebiV_yP9stICQSIG4M_PDP9_yO4fIRi2dvdOomWZkOFDfNtGoTtoIDh3NcGajejsoJFctcM3W1IHnET_6FGMNVmOBBUTe7rDzSUKDO47aHziWZmHF20wJ60Gc1exFxAF9_BmwiXeBaqbIGN1chW38A2KRSZDdiIM6y6ZTTUHKrNjSRBNs94MXHhSJxJjCQPNuq5DewAdMr1PnM9j-SwlszWG4zVNKUakcLR5qJ0knXtjK79CmgfYNTh8oRiL3Cw5sKfuqykltfgjFFJ1ZqqBJlILD5ljWViOqg5FmgsrNQ5GmnWH_3ZZWmrQUgSKh1KABOmBjljFzJoCfYdlwVyPmpWVFQRCexGiR3Zctr6SuF4i5zbsZkmCzfKB1JUncVGGZWLewvk2tT3j8I_sZAPviYvyseVh1xyRLpUXGqLXRzyyq3K69K8sZPB5hGdcvYyQcif2ddHy-0PIAG0O1mH9Pl4H1PLUQiazlGOCvQy7-j2FtZ6CQwacEyxX9kPTXUiAnjwRZ99p6uvX-FuGS9CyR8qedRqArOlBPZLiVGMUvaLq6_b4DlIrXdcYAcp1Pk0zzSHO0hqH_f9hEcnxOTDGVpQ88uBtBL27ldKLg-k1E-FW9gA8T-IibQh-ucdyLFQNSXTRn11Zv7UYL03xcyUC6-wFgeITYDbI4OFmeQ2wFqXM17QUw_isD-dQJMrclhgoYjIRwK7G0daIPwJde4uoCFGLL0aJqZakZy-iBCqrNzVMprzduzE3JRAZ_I6Ylnt0rqpiX2vd3Gykeco4r_ZB7qs1wVJnuYeueseYjwMgmnHbjy9ctCcusOcWncRd2dh_rxqJkZeHMZ2RZsFbvp0zXL77B_K0mzXXP7z-1drs6oEAIArRAZPSapoDF0oA4lZcjOTKl6haLdSTFbkXZ2YOSUiZt8_QVGfuv4rpAyA11qm81Vf95UhyPfcCImM9JlRd6xv-ke0hlYMIYYexpfjPv2lF6tSv0w7b2OqmI8iNkOhQKeXc2tG6HM24TwqnE6KYPZfvSlR8X2NPhbo8zm4UvV39-TGWen31YDJUSqSrkrnb--cPE3gjVuyEqvF434R5ukcbUvBmc-qKD4VSHTbwM89kKtq3KJmR_b8nB5Mhh7nH90g-bnNva8szCWazU4ZfHGYH4PmYv24A0awyOz5wT_20mrJtSwPGqGoCQ-b16kxMywvccLn4tKmziBVG9W0_DeY-AXs7D2pcrjoGIBZ6U_7Ada0BUN6gju5pCtTwCusucr0qqV2jnAxkp7yblv152WQnPoDQ79Th9GYlr7_gfvRhrw2H0SxK2CLtM9hPNtjF-jrNPWKzOibIRCc00u3VgjTFWF-Iku0pwvvvFK5S_Zpls4gICgoX9tYnJBki3ei-zceptgI9wqORAWKSsS_SMm2KjLK47q_kq5qGxhg6C0X81AMKH8eTw_9tEeTahO9abAOdLVgEcnpDSSaLqq-gIS7cr9PgyOMmR4T75damu24yEfl4oNc_bEy3_CwMWSwt279t5sdSQXh153vxfq4r3HqRB0qQZF2bE90_tS5vhDi4xUYI4oB67HQurm9Fj9csBBwg6qJHRCNE-OPAuueXGWb5V1LoY9oZgfx16zNSYKQOHOJxbE39ZouJdn74dyH8UtoauEjqSpEFoyIFC_jiMMlCiEcoEAa7fOyvKVqnakx3cEr2gekEGW8wzo5aZnvuwXUF7KjZGPC9Be3n-nWj6EjkUM03FuH2KRm3ZbA0PdhC8WT1HFZpeY4j2tzW3qGjD4Sz-zVxDDrRZep58qqFnTM8FA0uTwoSji0xy-KKO8iG_W8Byg3HLz_fp2k6F4UUWdWO3oKZStCaTKEFxyxKuQFXHK53lIHY9w7jBhQEAU2NoB6nrHX8_pJ4e9vXJ-4g0-xPLZ5UgC9WLpu3nG9qA-mwvXHDsBW6FWPJHlWLkKIuiUkpVOiZ-DJHwZIzIb8RaAPEAe_Tt1_XvJRgsScv3RkvLlKLbYO0abiyOc2DnY_SHJ5jhEmX5OcIrOSwyZGm--tWplC-NmLfYN2_cXG54hkhR-dFmCas8p-fM9f23QvvVPiXeKtxf0VioMg77hE9GCTXTEpfZyvXOHjXoQUvo-jyMQqvK_uhjQsGLfNI4Bd8dqQZeWmH8k6zJeda1-QXiXU5UmkxWSpAXLrmvXcqg7rMcs2UQN5vi5MoqJkcyweYkwXZtl_L2W64IY0rsXaGiuRSYF10NWWmD-vavevyLKc9m4nzTBjAWjg5Nn55H853a5Ku5TUndfR9-KLpGDOeLQzsXP04rNTyHIhJInGQA7BLWMeKqYQ7YR89WRlRK5rqbFyszSVl3gcDvZHve8yqaf8AEiWiwsXWi6yE06VSg4kqlNIztpqZdr_5OJLzkYIDmQxnx6t9WHiBZE1_Z3irwsNggaW84J1RwjMU18v6ogk1p-2tlzAaMpg6naTAnVKCRNJOy3mJKeaE0AlpZyR3cP8rimu2DlskTjm97aiB4Ox4bYTA8ypwF7IjbAADl4v0jlXLjaH48nqwFy4MODrG-A-MNzgBaDHRYO6X14Fn0vpPHB40kYvYJ2Ne6UhPd0VkAL9aRwcRVfOu08aR4Cv2kSiJuyvjGXUskhaCgjhao0QyFSFaxb8l6vtmU_83DkKHY85QecIuwqxsjGK0SnEMcHIP8cO_8AdFREWqfqLF09EPZFX7_bQicn7g9FRqeh7h_7ZjbKTdkcvbulq-ZwoffF2rudaLeyOQid8zlnVDs2wV16XPeNSuMf8c0koEo0Ct5xlnOSgIQj9rD5MoS5nLq4Ym1pImy9YzQYitq5d2UPx95SMsBztst_dU80f1XEERCdy2ycEw7ddYNehDiHY_ose4Ohtn5zZRQyOGTEI_27T6LPWlr4m8Vcy_sfQAudqFRWfk013OXjT7e1gdWtPuGNRnuj-1RpvGtOfeDHLYYAPqsahDVY2v2Vci9mzm4VZVnKy1DyYKplb3VsMCtUlBGdoo8RHsLS88NADWaSPRmTMMb9qCQe2kzxHerOUQmftcHvcmj8pNx21V5V7qGtzZWds_hIPLdpN-61pJm67HwEDbjIbIs8PCe0Qbck-p-khZ2s8kVYpYLs1Y006Fy1II2WA0GDgYJOh7PndNy7XFUOampcud5Wmdcb67HVdw5JFR6cj7ybV9hoE1u8E6GBf8iL9sXcwMTNUtdXPDrAoSwGrT0_xizKugkefuBO4Sweu1pnGHH5iQmD0TmQa-_LOKZkWYxGrDMjypAgkcLSjcoylqrO2PPdWNearx-2ifAcjKVtEXoAPg4q187KmP1vkI8aB-qWCqATzLRe3JhDRSbl-OrAHqTbeIv0buYRXMo&cid=CAQSPADICaaNkUmHuFDnLfR9FAf9mSMSEdBIBBwiQJOjcdLzRkp7LKQKqVupuTNtgf6PcLKyce9XJ2ht9tciaRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=10929920802502398000&adk=2265872549&idt=61&cac=0&dtd=7

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ac3dd23805da89428ef9a59b047f1b401c68c48337a324c701eb2227befd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38780
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1779 111 KB
39 KB 87ms
28ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 22:37:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 1779 11 KB
4 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:37:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1779 31 KB
12 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:19:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1779 41 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F35D 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1779 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e63073cfa84b0219cd0ebd7f024084710fe9c95a5704e98cd4e7a7b99a5e1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F35D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEvQUDhau8Mydamp3GtaKpk&google_cver=1&google_push=AXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEvQUDhau8Mydamp3GtaKpk&google_cver=1&google_push=AXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvN...

43 B
413 B

195ms
194ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEvQUDhau8Mydamp3GtaKpk&google_cver=1&google_push=AXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830196b188b00215-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5862
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEvQUDhau8Mydamp3GtaKpk&google_cver=1&google_push=AXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRA508X2NCl1ug7JJWX6U1NfGfQf-Y76a7qqHqeaSmf1WC9yt12QFNeSHEmHD4f9GJrBxgNllfHB84M67KGar76HbaxDvNj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830196b05edb0215-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHqMY17Q_vkFpMlQPI9fsY8&google_cver=1&google_push=AXcoOmTe7ZrIgYXWcT2dYebPyFt45qgkKTPPA6UhkarvcVLD1QIsXrsXnMNvlgbDe2yXLoo28iyT_Mmy5f-mj3VPCpD9zlUAWyfL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=089D1C70497E400383B46583992CA401&google_push=AXcoOmTe7ZrIgYXWcT2dYebPyFt45qgkKTPPA6UhkarvcVLD1QIsXrsXnMNvlgbDe2yXLoo28iyT_Mmy5f-mj3V...

170 B
188 B

60ms
60ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=089D1C70497E400383B46583992CA401&google_push=AXcoOmTe7ZrIgYXWcT2dYebPyFt45qgkKTPPA6UhkarvcVLD1QIsXrsXnMNvlgbDe2yXLoo28iyT_Mmy5f-mj3VPCpD9zlUAWyfL

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 05:18:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=089D1C70497E400383B46583992CA401&google_push=AXcoOmTe7ZrIgYXWcT2dYebPyFt45qgkKTPPA6UhkarvcVLD1QIsXrsXnMNvlgbDe2yXLoo28iyT_Mmy5f-mj3VPCpD9zlUAWyfL
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Dec 2023 05:18:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPQCakhEbuen7Lxi2BzcSvc&google_cver=1&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYz...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPQCakhEbuen7Lxi2BzcSvc&google_cver=1&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1V...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS&google_hm=yLXZlC4WQbW0evujkqwSyg==

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS&google_hm=yLXZlC4WQbW0evujkqwSyg==

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS&google_hm=yLXZlC4WQbW0evujkqwSyg==
date: Mon, 04 Dec 2023 05:18:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35D
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENcrmxN9m1cBhXTspR_8w_g&google_cver=1&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZ...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENcrmxN9m1cBhXTspR_8w_g&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZ...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZaZHAbX7OICVbgiX&google_hm=WnFVY3dYUWxNaUZaaTVI...

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZaZHAbX7OICVbgiX&google_hm=WnFVY3dYUWxNaUZaaTVIbXdiT2o=

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 05:18:25 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRusj4ZmMQDK8GEwVoqm1btiDuVnra3x57Zd9nuWvKxyf0ZOtSMzcEO0mimQMS50QkTI5ebJGb1YKJrZaZHAbX7OICVbgiX&google_hm=WnFVY3dYUWxNaUZaaTVIbXdiT2o=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAFbXywLQ7Wkqym9q0pt01M&google_cver=1&google_push=AXcoOmTWzIvyrkzTX-P2socuhOg-i16lnZGJt2QbKOKcVI5-GVE89La05GLmgSznWiaib8BrNWejfOqARQM2pyohnlrYtVCXlZI
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmTWzIvyrkzTX-P2socuhOg-i16lnZGJt2QbKOKcVI5-GVE89La0...

170 B
188 B

62ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmTWzIvyrkzTX-P2socuhOg-i16lnZGJt2QbKOKcVI5-GVE89La05GLmgSznWiaib8BrNWejfOqARQM2pyohnlrYtVCXlZI

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjExNDUyMjM3NDAwMjQ4MTM1Njk4Mw%3D%3D&google_push=AXcoOmTWzIvyrkzTX-P2socuhOg-i16lnZGJt2QbKOKcVI5-GVE89La05GLmgSznWiaib8BrNWejfOqARQM2pyohnlrYtVCXlZI
date: Mon, 04 Dec 2023 05:18:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame F35D 0
34 B 30ms
29ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDOGQAbAHZIkogp4UpZFDLs&google_cver=1&google_push=AXcoOmS2IGwiOtzZksieMtcoX_piO1df4j9tm1FXQ2bvBUrqByIkyOYraVbBCEGkwMhnpFtGfG_rR2125iZVOx5rOtV8DkfzxSvjiw
Requested by: Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F35D
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEAVciTWbO-9WshIfcKiJNSU&google_cver=1&google_push=AXcoOmQjFrtswxth8stzP2VeWDWmuKV4oouIPQBv7tEYkwTkcpmDFYVLn-c5HjCM_B9aBVA_X7XTHN7UjwX-ZObP20yKxpfd2...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQjFrtswxth8stzP2VeWDWmuKV4oouIPQBv7tEYkwTkcpmDFYVLn-c5HjCM_B9aBVA_X7XTHN7UjwX-ZObP20yKxpfd2HdvFg&google_hm=f34e9699f854...

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQjFrtswxth8stzP2VeWDWmuKV4oouIPQBv7tEYkwTkcpmDFYVLn-c5HjCM_B9aBVA_X7XTHN7UjwX-ZObP20yKxpfd2HdvFg&google_hm=f34e9699f8542d811qowb700lpqgnq07

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQjFrtswxth8stzP2VeWDWmuKV4oouIPQBv7tEYkwTkcpmDFYVLn-c5HjCM_B9aBVA_X7XTHN7UjwX-ZObP20yKxpfd2HdvFg&google_hm=f34e9699f8542d811qowb700lpqgnq07
date: Mon, 04 Dec 2023 05:18:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F35D 0
12 B 59ms
59ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jc17vCQQy9iM5so5Yqky8aOPWENxcleTEvbgalgqHOYpMGxBZhC9sf63yoGt8oICjWzgmyrVE

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F594 38 KB
13 KB 51ms
51ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 233698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:23:27 GMT
expires: Sat, 30 Nov 2024 12:23:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1779 0
0 164ms
72ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYP_kx8c5-0l36B_pJRV1uD8QGPE0bCgKcOgTh6CbApQz9n863gYU3_POQWCqf0gY2rxUk8Wmn65c2cCNdjs3uYIgyLKzi6uv-yRRI9fKybJ5I59s-ATsARvgwGgIagMyaF0c9z8jVvAGcqPqs4a_3Y8ZR2oN4VUTKWlKuGrUl0RB-tdmmQHXwnmg562Dx0b-YxVJzO5um1CLDllt2matsjq_vBdnh5blVsNUbhLUogQ2uQaw_miujrhfpyD3P5_a1cDkbXRR7qINQgogzbySXGfjO2INQqa6w8wM-yFx1AOtF0X5i0RKWwN_gugHOqoaT6wPgOILIr6SaO0VDTinz_BGFc3F4jz5T1ONtH7trknXt0UMgOoF0Eu-J2WkoYo8U1IIUz7QKZB4IF3dvuEVJVcTFFVaV9i7y_XMhLf7PSCX7N8YaPTJS8B5CiEIDiDbqw2F2WIkjCScGufwo2fVEJVj4rtD5Vz4U59w6usPROCxyNujGRlhUQh4Ey6OTs72MWL0cXqHzWEB7acTN8FEyBGl3XLKZziMrog5we7Ucsx6Tmj14hbU2i1MhwlWbr_1HBuOMLvfsXlvFGQhjac3PQ0u_SFCTAY1SeBcqZRz-hyEtqL3UG-FmkxqmCSYpvm30dqJVSfgwEKrEd8yExfBZwIo-pc3q6z3bWIY_-9T630d8ik-BIEsKNWxTKbVhqyV_XmGHS5hDXvNzuKacOFUtmi_LrQEfOhYpaPPeDp7qxMc0PXkwpjT2QuhyWKgyVOPg35WFnSmLheKMijIttYJAlTO62GreUujy5InCfZtazN1yHx_9zAn4EZYwW31elNohq46jD3NH1ce1C1jzNJDBHP_7x92fCcrzJlghr4mhQj_Pw9Fsj5ojykQzpeEZo3FF8t73SxZ_bh-mX3cuLCYKUPOvbqulUYKMMuf4ARQbl-vJGyIIuQvQCB7t6ei40AygU75xRxoAeb4mgJBYtKsj8x620xSpLHvZRnTCbJebwiiPkupsEjfWQVHownNgLUXgkH2Ojf7Fcedws5IMCITgtb0LkMR6HDoew76hGmfTdlCjQs_6ljFgsKKgb7YKqKC2f2qlcbMiCOcu8aR-A0hmB8XtPkHUKb_dh0kQ58HN83RaXYfF_N_aZPI61-JlsS5uEy2rZMNsUJUjtczjBHuKeUe-Jbz4IQePo0Zd4VRarDCr8z38JntkkP4k92F8dFsRKcBsj_JNnPUcRaA0blVQZ0ZAn27LI87Nse9it39kaqJ-4o5jcpQ5rh9TozkQz7bDJYJmwTJaAF3wbhD7JXv40YmVKo2mG_nNXxL2olVs7gbfGgf84vJsC-ICDWpA0LavLPq0FYWdZl6UfJv1U2-Zo3u_gYdi-0TOeq0-Zr7oA4W1bRCvMvtXUOqwqBNYlehX_K0zTgsW_IMhzJQxqgujfmO_sS_UDMEMvrEHyuzO7JSII3lrghIKgROaha3jm2v4&sai=AMfl-YQ99-qbaxSYwk19A1qgt4CbmLD7aEK7gSqPe0c-nu8Scn0CXqtPgv2DZkhyBS8OYsuGq64Oqf12hVMoLWH8vllpsK7kMBkFI-gPN2XZUZBlTb6-QChsNUmY_ucNToD5Dz1pkk5Xw4jV_aV4qB7wMKevZOTLm3UMWI6yVDX_KiLA2Mn0KwzhfVSKX0G23dw06Eh5Zdfsz-xHNjed5qBmq4qZtTXFehxWmd6ye6WDggPrpDjwhsBpOejqZi6FDIB2wfGoExQ&sig=Cg0ArKJSzM5wwEDn9_XPEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=124&cbvp=1&cisv=r20231129.05563&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5099231098116534259
s0.2mdn.net/simgad/ Frame 1779 131 KB
131 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5099231098116534259

Requested by

Host: 738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
URL: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bb947388318a3b186da4bacfa70c3d6a120be03af0d07d924ce27ed2f5e8513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:00:47 GMT
x-content-type-options: nosniff
age: 454658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134577
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 23:00:47 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F594 39 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 19:25:39 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1779 0
0 114ms
67ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYP_kx8c5-0l36B_pJRV1uD8QGPE0bCgKcOgTh6CbApQz9n863gYU3_POQWCqf0gY2rxUk8Wmn65c2cCNdjs3uYIgyLKzi6uv-yRRI9fKybJ5I59s-ATsARvgwGgIagMyaF0c9z8jVvAGcqPqs4a_3Y8ZR2oN4VUTKWlKuGrUl0RB-tdmmQHXwnmg562Dx0b-YxVJzO5um1CLDllt2matsjq_vBdnh5blVsNUbhLUogQ2uQaw_miujrhfpyD3P5_a1cDkbXRR7qINQgogzbySXGfjO2INQqa6w8wM-yFx1AOtF0X5i0RKWwN_gugHOqoaT6wPgOILIr6SaO0VDTinz_BGFc3F4jz5T1ONtH7trknXt0UMgOoF0Eu-J2WkoYo8U1IIUz7QKZB4IF3dvuEVJVcTFFVaV9i7y_XMhLf7PSCX7N8YaPTJS8B5CiEIDiDbqw2F2WIkjCScGufwo2fVEJVj4rtD5Vz4U59w6usPROCxyNujGRlhUQh4Ey6OTs72MWL0cXqHzWEB7acTN8FEyBGl3XLKZziMrog5we7Ucsx6Tmj14hbU2i1MhwlWbr_1HBuOMLvfsXlvFGQhjac3PQ0u_SFCTAY1SeBcqZRz-hyEtqL3UG-FmkxqmCSYpvm30dqJVSfgwEKrEd8yExfBZwIo-pc3q6z3bWIY_-9T630d8ik-BIEsKNWxTKbVhqyV_XmGHS5hDXvNzuKacOFUtmi_LrQEfOhYpaPPeDp7qxMc0PXkwpjT2QuhyWKgyVOPg35WFnSmLheKMijIttYJAlTO62GreUujy5InCfZtazN1yHx_9zAn4EZYwW31elNohq46jD3NH1ce1C1jzNJDBHP_7x92fCcrzJlghr4mhQj_Pw9Fsj5ojykQzpeEZo3FF8t73SxZ_bh-mX3cuLCYKUPOvbqulUYKMMuf4ARQbl-vJGyIIuQvQCB7t6ei40AygU75xRxoAeb4mgJBYtKsj8x620xSpLHvZRnTCbJebwiiPkupsEjfWQVHownNgLUXgkH2Ojf7Fcedws5IMCITgtb0LkMR6HDoew76hGmfTdlCjQs_6ljFgsKKgb7YKqKC2f2qlcbMiCOcu8aR-A0hmB8XtPkHUKb_dh0kQ58HN83RaXYfF_N_aZPI61-JlsS5uEy2rZMNsUJUjtczjBHuKeUe-Jbz4IQePo0Zd4VRarDCr8z38JntkkP4k92F8dFsRKcBsj_JNnPUcRaA0blVQZ0ZAn27LI87Nse9it39kaqJ-4o5jcpQ5rh9TozkQz7bDJYJmwTJaAF3wbhD7JXv40YmVKo2mG_nNXxL2olVs7gbfGgf84vJsC-ICDWpA0LavLPq0FYWdZl6UfJv1U2-Zo3u_gYdi-0TOeq0-Zr7oA4W1bRCvMvtXUOqwqBNYlehX_K0zTgsW_IMhzJQxqgujfmO_sS_UDMEMvrEHyuzO7JSII3lrghIKgROaha3jm2v4&sai=AMfl-YQ99-qbaxSYwk19A1qgt4CbmLD7aEK7gSqPe0c-nu8Scn0CXqtPgv2DZkhyBS8OYsuGq64Oqf12hVMoLWH8vllpsK7kMBkFI-gPN2XZUZBlTb6-QChsNUmY_ucNToD5Dz1pkk5Xw4jV_aV4qB7wMKevZOTLm3UMWI6yVDX_KiLA2Mn0KwzhfVSKX0G23dw06Eh5Zdfsz-xHNjed5qBmq4qZtTXFehxWmd6ye6WDggPrpDjwhsBpOejqZi6FDIB2wfGoExQ&sig=Cg0ArKJSzM5wwEDn9_XPEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=45&dett=3&cstd=169&cisv=r20231129.05563&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 blue_super_max_logo_300x600_modified.html Show response
s0.2mdn.net/sadbundle/15978310080129696240/HPA/ Frame 1DA5 8 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed163235ac3b07f67dea8cf8cf888bb8b511c3ce0491f1c9d44cadda335636e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 540122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2847
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 23:16:23 GMT
expires: Tue, 26 Nov 2024 23:16:23 GMT
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1DA5 236 KB
63 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 05:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 05:18:25 GMT

GET
H3 200 blue_super_max_logo_300x600.js Show response
s0.2mdn.net/sadbundle/15978310080129696240/HPA/ Frame 1DA5 46 KB
11 KB 29ms
29ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd94383bd2fe946321adc8a4867b2410056793eea6fc445ca9a4e960c543883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 02:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10991
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 02:14:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F594 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVWvjIWFtZbjDB4-e3gPt4JGIAwAAAAA4AeAEAg&bg=!Li2lLWLNAAY3kmNgF5I7ADQBe5WfOAjVidLNAJWw4zNA1w5TWNgmXqimGTQPI8biB8WLgh6EA84boDcKs6I01kFinSPVAgAAADlSAAAAAWgBB5kDB-WTlTeJvYHE2NJi_1htBpECeJveoShFywMhLTPx4vOSTTNKoFDMvfPFIAj1UZQkMS-PZUV2_PCZ0KK8dpOSuamd03ye8IMdaGBBDHsGChl7lj4noMCqfFrjRfpKPNbw1cdEn8hyb76NUYXtFx6B46zZnZ5Aijq6WX0Nm8Nc7bQZ2suj1BLvOOs3eat7EDg6c5cZbaTAglMR6a3temhUTcuY_hF72XXzHLZI6Sqow07n17BgKG70zJddF5BrVhtAtDLdFAFgyg0pHbroznTUEP5KcdvY2Lo4lM1Kll3yM_ZPcR8YIYbW6EiSgcrMwCjzI7tMNZ6e1SdadTJxUXTqh1aG26E59MJZZ7cpY-5b3iMRmc0z5KeAPwQXZpvTGdZ-YlASYNk_Lu6jIvwRd8jR5QMPbJFEMFoGWeRes8rcDLaNnFvRc-_38iVmioqAt8SOpc7MRrWLiVJaWIqqqvn369NuZ8bvJBeLtVvD6PoGEB0q3crsKS_whXiWKZJ9S3ZJOwaZ-efkBYYbT5gxrHB-ok6w4uJeunYtvnQ-iO_89JXs8b75-lABI_44ESC-yG1-u4M2dtPUKtE2NQ7zrH7feDVu705j2EqnFw5Jm4PZNHXJBPesXYGWEE-lFDWEQNXju0XkgVZqXLIEPmF3fcQQX0UvsmlxJkQZam1sysiavX28nKkV_F1ZPv5keltuuBJCrpUeVe3CeC8g33pkiFNYMEdVYFvvOSi61WKvMwSBINfVe7VRooZ-BJi1ybCePX5hepneB_Dn1VeD-2gjekd4f7p785I8nhUwMBl9ZN_cbZBFaD0xx-4GsH7Lo9nkuGbY3BZsR6ELig7jyl-3_v5d3VsJzEjOYeaEhw0v11kTJ-oQK6Wz3AMgkogCa6SvsQcgN7ptcccBHiNbXI5covgwnW1XDGrGsKv5TFMgh7odX7-RXT8imSj5nP1qXtoTHxjKXw_RkaK1mwBkTQI3b6br4RZXfhM0JF6zlFOMa8f1-wS97owUgk3cEED82KczxQzvzIJzvOa3QKk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 disney.png
s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/ Frame 1DA5 3 KB
3 KB 29ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/disney.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac0a024b760a77b0538a98637d29cfdf047b340468ab52d9034ae1b422b23a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 00:42:09 GMT
x-content-type-options: nosniff
age: 362176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2947
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 00:42:09 GMT

GET
H3 200 gatewayhpa.jpg
s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/ Frame 1DA5 40 KB
40 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/gatewayhpa.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fc41b219afc93d024364efeae9244e8d1152189e749f2df30c1628c533fa27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:00:48 GMT
x-content-type-options: nosniff
age: 454657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41129
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 23:00:48 GMT

GET
H3 200 packshot.png
s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/ Frame 1DA5 53 KB
53 KB 29ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/packshot.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a03ed6cac15aaf82999b70584282f410909b7492e4bc8440b12693726cec6f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:00:48 GMT
x-content-type-options: nosniff
age: 454657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54562
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 23:00:48 GMT

GET
H3 200 paramountv2.png
s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/ Frame 1DA5 5 KB
5 KB 29ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/paramountv2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2987216b5f0a5d90c19ce1e9990b32f8d3ec0cf9be1bc27a2c450dd3c5a15615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:25:14 GMT
x-content-type-options: nosniff
age: 233591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4984
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:25:14 GMT

GET
H3 200 sky.png
s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/ Frame 1DA5 2 KB
2 KB 29ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/images/sky.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d7e03c68fcc6ad29c7208c6b4f9c9503b197364f854859c3b005d92c733e204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15978310080129696240/HPA/blue_super_max_logo_300x600_modified.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:16:25 GMT
x-content-type-options: nosniff
age: 540120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1803
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 14:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 23:16:25 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 111ms
111ms Preflight 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 04 Dec 2023 05:18:25 GMT
x-amzn-RequestId: cc0d5eff-9b00-03fd-91ea-3d9e0801862e

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 9EF4 133 B
569 B 119ms
119ms XHR
application/x-amz-json-1.1 3.227.250.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-155.compute-1.amazonaws.com
Software: /
Resource Hash: ec38d20e03f80b022f190520a91fe222337cc0a4683ca3d294ccbe165c5c8c01

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231204/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=88af06fd458c3302eadbe694d17b11f7b370f595442b8ffef271831b69bbdc23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 18c29a61ab8d3d8f767f8eaf86fd69dde6fa1bc986e360ff0b54cfaf77474e58
Cache-Control: no-cache
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231204T051825Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 04 Dec 2023 05:18:25 GMT
x-amzn-RequestId: e209ec75-b0e1-8bb2-bfee-8f1423e00e61
Content-Length: 133
x-amz-id-2: CqV66fWAGF96nBO5MjvDw91U2E4FJ0JIGZTS1v1flyGKgUFiz9NdGnbj29VEVxIJlG0omBPpIBDtOb7EksAUDgzhtzkyLW/P
Content-Type: application/x-amz-json-1.1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 44ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3bt0v9135293448&_p=1701667099009&gcd=11l1l1l1l1&dma=0&cid=1291839822.1701667099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701667099&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&_s=2&tfd=6982
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1779 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrjbRJM4bKkqMDW6jYnZSmodpiV6XZumCxbi4JYaERIb-wugMhTqrieTo7HEY15JlddmTGUXkuyd7q062GtF_hNJbSgipo0W_H5uMZd2fHRSm4Uj4Z0lZ-ppPm4cI6CGVBySRGe_bx1g&sai=AMfl-YSxjT2X9p9-CpBEH1fwY4MLUZWDLzlS6LDD9iQUFz8gz3Squzb80vxDbyiThfD10FsH3EYTBg8pU3TKITcC-8RAKwTVUUnRTVFowvGiPsIqyRUAEqlharg5fy6skzwurswOASth1Bk&sig=Cg0ArKJSzOoIvyIf2HUwEAE&cid=CAQSPADICaaNkUmHuFDnLfR9FAf9mSMSEdBIBBwiQJOjcdLzRkp7LKQKqVupuTNtgf6PcLKyce9XJ2ht9tciaRgB&id=lidar2&mcvt=1000&p=164,1140,764,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=663577002&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701667104947&rpt=307&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 780ms
307ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Mon, 04 Dec 2023 05:18:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1779 0
21 B 62ms
62ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2230418943316&version=m202309260101&ct=119&x=1&cor=10929920802502398000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 05:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMidt4WMIurMqInTEzKdSlQ&google_cver=1&google_push=AXcoOmTCSTj0JnG_2RfQKJyAG-tH3W-cwfLKL9tzYE2QsnjnR5xAeEV3RNbkDA6HAQEoRWQarn19WjyTWTiQmWnnAnhISJ3uPBlRSw

Domain: dclk-match.dotomi.com
URL: https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=47cf8806d06117e5&is_secure=true&networkId=14000&version=1&google_gid=CAESEFCMCdXIho9-Nb-qlEmBWjQ&google_cver=1&google_push=AXcoOmSb50usLir55i3083yGnn2sw8fu8o7ZT_DoYefZhzSSnUzG-N6iXaiLwd0AwT_IArYJVPQhSWdNJRFMqcWG1LBGgOjmj5nw

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSZG08DMTmB48pR8PfalipBvCLyJT52mIBKRz7L6Gx7Vtk5wM-Zzy-DwJA9ksGmf4BltIkLEBu8wL16iPaRZPyMixOV49-6WQ&google_hm=Hw1etGZHSM0AGr4eTh-9Dk4A

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f5891b64ca&gdpr=0&gdpr_consent=

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQEK8lRjhHiWpyo-4DSTN00sMKrllItJgs-1zMICOtACFTGs5jpWpoQlkitbBGA4A7LTcQxxI8jm9WcfOs8PtB8MKHTkqMB%26google_hm%3DAyfTXU24ak-VnNQ_62z-ViY

Domain: sync.inmobi.com
URL: https://sync.inmobi.com/gob?google_gid=CAESEPn1EKM-5bkx_Yles82mCt8&google_cver=1&google_push=AXcoOmQRrhZh6wc4dpvJMcbP69lWRykHiryYSMcs_zah_j0rmsELzSKU7LovUZ1zPPDMPR1j_awmvP2dQ-bDuNvIYYXRSX8VjYfDhwc

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3zccVhhNNrhJFbotvtzK

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3zccVhhNNrhJFbotvtzK

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3zccVhhNNrhJFbotvtzK&redir=true

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zccVhhNNrhJFbotvtzK

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=yieldmo

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3zccVhhNNrhJFbotvtzK

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M3pjY1ZoaE5OcmhKRmJvdHZ0eks=

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3zccVhhNNrhJFbotvtzK

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=1283

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/26980?limit=0&id=3zccVhhNNrhJFbotvtzK

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: static.yieldmo.com
URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js

Domain: static.yieldmo.com
URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js

Domain: static.yieldmo.com
URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js

Domain: static.yieldmo.com
URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
folkd.com/	1970-01-20 16:45:26	Name: folkd0612_live_u2main Value: 1701667098351x966181806189929000
folkd.com/	1970-01-20 16:45:26	Name: folkd0612_live_u2main.sig Value: dQyxFXqg3VWSzIj0I-DoR4jXShY
folkd.com/	1969-12-31 23:59:59	Name: folkd0612_u1main Value: 1701667098338x369002760007166340
www.clarity.ms/	1970-01-21 01:26:43	Name: CLID Value: 109ec894301449609c05659cddfc6738.20231204.20241203
.folkd.com/	1970-01-21 02:17:07	Name: _ga Value: GA1.1.1291839822.1701667099
.folkd.com/	1970-01-21 01:26:43	Name: _clck Value: gkaoh4%7C2%7Cfh9%7C0%7C1433
folkd.com/	1970-01-21 02:17:07	Name: session Value: 13dbd6d9-7ec6-465b-9bf6-6f2e20908649
.folkd.com/	1970-01-20 16:42:33	Name: _clsk Value: 1svwabb%7C1701667099878%7C1%7C1%7Co.clarity.ms%2Fcollect
.criteo.com/	1970-01-21 02:02:43	Name: uid Value: 350e1fd2-c84a-4186-9ca8-595266cc2e55
.crwdcntrl.net/	1970-01-20 23:09:54	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 23:09:54	Name: _cc_id Value: 581f8636de9672c5c382c51485d1f8de
.folkd.com/	1970-01-20 23:09:55	Name: _cc_id Value: 581f8636de9672c5c382c51485d1f8de
.folkd.com/	1970-01-20 16:42:33	Name: panoramaId_expiry Value: 1701753499948
m.stripe.com/	1970-01-21 02:17:07	Name: m Value: 19c59deb-cb4b-4666-8d1a-813167e613de51422b
.openx.net/	1970-01-21 01:26:43	Name: i Value: 70679688-8fdc-0f2e-06cd-4620254e82d9\|1701667100
.openx.net/	1970-01-20 17:02:43	Name: pd Value: v2\|1701667100\|n0vNvQiygu
.doubleclick.net/	1970-01-21 02:17:07	Name: IDE Value: AHWqTUlM8rsmbqDhRG8f85-X1IxRXNL6dLCTorJ1DF1PL5j7X_Llfpv8WE_EXzzejQE
.folkd.com/	1970-01-21 01:26:43	Name: __stripe_mid Value: ddd54a9f-f08c-405e-a23d-b7c2c3409028f4b689
.folkd.com/	1970-01-20 16:41:08	Name: __stripe_sid Value: 8bee7771-12c5-4f98-a6b5-4d83d6f57ae44d48f7
.folkd.com/	1970-01-21 02:02:43	Name: cto_bundle Value: 242hfl8zektPc2NRVzRNSlVwZFo3cnhGeXpPOEExZDJ2aWU0OFI0R0JiUUJKc2hpZ2x4YUhoamFkJTJCUklFUDRMSmJybDJpdnRxaFlGTzVxNEQ3czVEejJxeTdoTG93ZFdCSCUyRnlLWURqMGZNR0clMkJvMjU3TWtUSTBsaE96eWZIVWVOSmJIU0xENE03OE4lMkJ3eWRaRGZweW9SN1ljdyUzRCUzRA
.adform.net/	1970-01-20 17:25:45	Name: C Value: 1
.adform.net/	1970-01-20 18:07:31	Name: uid Value: 8594898887817346856
.folkd.com/	1970-01-21 02:02:43	Name: __gads Value: ID=b384fbe27bbbdf98:T=1701667100:RT=1701667100:S=ALNI_MZNT-MDBe-gtaUkV4u1VPJfGitZmQ
.folkd.com/	1970-01-21 02:02:43	Name: __gpi Value: UID=00000d031a52acc8:T=1701667100:RT=1701667100:S=ALNI_MbBjf48Si_Pemm8lEolpg1vkvA02w
.amazon-adsystem.com/	1970-01-20 21:43:31	Name: ad-id Value: A2KssrAI1kE8nY0NtG1hik8
.amazon-adsystem.com/	1970-01-21 02:17:07	Name: ad-privacy Value: 0
.yieldmo.com/	1970-01-21 01:26:43	Name: yieldmo_id Value: 3zccVhhNNrhJFbotvtzK%7C1701648000000%7C0
.adfarm1.adition.com/	1970-01-20 18:50:43	Name: UserID1 Value: 7308604547490122762
.ads.yieldmo.com/	1970-01-21 01:26:43	Name: re_sync Value: pp%3D1182553%7Cbsw%3D1182553%7Cadfm%3D1182553%7Cgoogle_supply%3D1182553%7Ciqzone%3D1182553%7Ctapad%3D1182553%7Cyahoo_supply%3D1182553%7Cmf%3D1182553%7Cbeeswax%3D1182553%7Cneustar%3D1182553%7Caa%3D1182553%7Cb%3D1182553%7Cc%3D1182553%7Ccriteo%3D1182553%7Cloopme%3D1182553%7Ceps%3D1182553%7Cstk%3D1182553%7Cdv360%3D1182553%7Ceq%3D1182553%7Can%3D1182553%7Crc%3D1182553%7Cunl%3D1182553%7Cmnt%3D1182553%7Cliveramp%3D1182553%7Ct%3D1182553%7Cadtrt%3D1182553%7Cbluekai%3D1182553%7Camazon_supply%3D1182553%7Cz%3D1182553%7Cpub%3D1182553%7Copenx%3D1182553
.quantserve.com/	1970-01-20 18:50:43	Name: d Value: EHgBCQHKKoEA
.quantserve.com/	1970-01-21 02:11:21	Name: mc Value: 656d611e-06e74-43ccd-b78a7
.smaato.net/	1970-01-20 17:11:21	Name: SCM Value: f5891b64ca
.smaato.net/	1970-01-20 17:11:21	Name: SCMv Value: f5891b64ca
.1rx.io/	1970-01-21 01:26:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003%22%7D
.lijit.com/	1970-01-21 01:26:43	Name: ljt_reader Value: Hw1etGZHSM0AGr4eTh-9Dk4A
.dotomi.com/	1970-01-20 16:41:07	Name: DotomiTest Value: 47cf8806d06117e5
.3lift.com/	1970-01-20 18:50:43	Name: tluid Value: 2114522374002481356983
.casalemedia.com/	1970-01-20 18:50:43	Name: CMPS Value: 3385
.pubmatic.com/	1970-01-20 16:42:33	Name: KTPCACOOKIE Value: YES
.targeting.unrulymedia.com/	1970-01-21 01:26:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-27d35d4d-b86a-4f95-9cd4-3feb6cfe5626-003%22%7D
.casalemedia.com/	1970-01-21 01:26:43	Name: CMID Value: ZW1hHilwAW4n0FA5a6txPwAA
.casalemedia.com/	1970-01-20 18:50:43	Name: CMPRO Value: 5283
.yahoo.com/	1970-01-21 01:27:04	Name: A3 Value: d=AQABBB5hbWUCED_tYMFW9Q6kAYqYSr8klnUFEgEBAQGybmV3ZQAAAAAA_eMAAA&S=AQAAArFERC7pzptOjCrxdU1fgzA
.media.net/	1970-01-21 01:26:43	Name: visitor-id Value: 3446687028287393000V10
.acuityplatform.com/	1970-01-21 01:26:43	Name: auid Value: 860098435345
.pubmatic.com/	1970-01-21 01:26:43	Name: KADUSERCOOKIE Value: B6010562-42DA-42FA-BE1A-E1F1A37E94A8
.scorecardresearch.com/	1970-01-21 02:17:07	Name: UID Value: 1003ca3b223da88be3aabbf1701667102
.go.sonobi.com/	1970-01-20 17:24:19	Name: __uis Value: 98ff2875-c623-4052-aa65-d7afb302353b
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86167\|ZW1hI
sync.srv.stackadapt.com/	1970-01-21 01:26:43	Name: sa-user-id Value: s%3A0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72.l2Bk4%2Fy6Rxqs8les9eSVIEU%2BBefGz3F5deMzw9XzFvQ
.srv.stackadapt.com/	1970-01-21 01:26:43	Name: sa-user-id Value: s%3A0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72.l2Bk4%2Fy6Rxqs8les9eSVIEU%2BBefGz3F5deMzw9XzFvQ
sync.srv.stackadapt.com/	1970-01-21 01:26:43	Name: sa-user-id-v2 Value: s%3AOl13Km9rW5N_haph2upMcrnDR9k.qm%2BzTs6Zf9hRYXIa9miMOvQOmq7iBAy64z87uDwCAZM
.srv.stackadapt.com/	1970-01-21 01:26:43	Name: sa-user-id-v2 Value: s%3AOl13Km9rW5N_haph2upMcrnDR9k.qm%2BzTs6Zf9hRYXIa9miMOvQOmq7iBAy64z87uDwCAZM
sync.srv.stackadapt.com/	1970-01-21 01:26:43	Name: sa-user-id-v3 Value: s%3AAQAKILYits3gPf57N9DAuLFzZ1xS3mHxEvu9wArcsiv5SHzvEHwYBCCewrWrBjABOgTwi70wQgTcRHwG.k%2FsElI12KW0jMQxW2WRXXvIkzZLZb6vG7cFrx5JLZXg
.srv.stackadapt.com/	1970-01-21 01:26:43	Name: sa-user-id-v3 Value: s%3AAQAKILYits3gPf57N9DAuLFzZ1xS3mHxEvu9wArcsiv5SHzvEHwYBCCewrWrBjABOgTwi70wQgTcRHwG.k%2FsElI12KW0jMQxW2WRXXvIkzZLZb6vG7cFrx5JLZXg
.doubleclick.net/	1970-01-20 17:24:19	Name: ar_debug Value: 1
.acuityplatform.com/	1970-01-21 01:26:43	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRgxoNhGImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYMaDYRiI90aGlyZFBhcnR5VXNlcklkWkNBRVNFUFNMeWlTbzNVVFRJWmV5QkZPNDZXOPv7hnZlcnNpb27C+w=="
.bing.com/	1970-01-21 02:02:43	Name: MUID Value: 1717007350EE68083C9D13AE519E696E
.c.bing.com/	1970-01-20 16:51:11	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:02:43	Name: SRM_B Value: 1717007350EE68083C9D13AE519E696E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:02:43	Name: MUID Value: 1717007350EE68083C9D13AE519E696E
.c.clarity.ms/	1970-01-20 16:51:11	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:41:07	Name: ANONCHK Value: 0
.folkd.com/	1970-01-21 02:17:07	Name: _ga_7BR5TDFFPC Value: GS1.1.1701667099.1.0.1701667104.0.0.0
.adnxs.com/	1970-01-20 18:50:43	Name: uuid2 Value: 5289678328359690646
.adnxs.com/	1970-01-20 18:50:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>zos4NT!@wnfH8K6pQK`!5=E<L5?%M#l!V^kYt_S+Yfj:Hb@!1-7$<L5C!z[g]kP/$bpRzqF1`b`D<*@CMY
.bidswitch.net/	1970-01-21 01:26:43	Name: tuuid Value: c8b5d994-2e16-41b5-b47a-fba392ac12ca
.bidswitch.net/	1970-01-21 01:26:43	Name: c Value: 1701667105
.bidswitch.net/	1970-01-21 01:26:43	Name: tuuid_lu Value: 1701667105
.simpli.fi/	1970-01-21 01:28:09	Name: suid Value: 089D1C70497E400383B46583992CA401
.bidswitch.net/	1970-01-20 16:41:07	Name: google_push Value: AXcoOmT3vMKO6I833twMeYAFlGMi3mJnBI5ConxPdnAtVQQhmPHq-Bg5dAkUqEgKJPnezp5usU0PJaA7DAzv1Vk4ZdYzWwuuCqDS
.tribalfusion.com/	1970-01-20 18:50:43	Name: ANON_ID Value: aTntuJNj6WlCyhURB1xU2CmJA2nnUTBw5oWuvX16YdQsje7dMN0WUg2StVdaAlIBfspm4ZaiAsq1bwUas6ol03r9G
.mediago.io/	1970-01-21 01:26:43	Name: __mguid_ Value: f34e9699f8542d811qowb700lpqgnq07
.zemanta.com/	1970-01-21 01:26:43	Name: zuid Value: ZqUcwXQlMiFZi5HmwbOj

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://folkd.com/ Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp' from origin 'https://folkd.com' has been blocked by CORS policy: Request header field x-coalias-route is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp Message: Failed to load resource: net::ERR_FAILED
worker	error	URL: blob:https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/b214d79c-b8c9-4f43-9ada-0f667e343df5 Message: Mixed Content: The page at 'blob:https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/b214d79c-b8c9-4f43-9ada-0f667e343df5' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/b214d79c-b8c9-4f43-9ada-0f667e343df5 Message: Mixed Content: The page at 'blob:https://738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com/b214d79c-b8c9-4f43-9ada-0f667e343df5' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
738561092adad49aa138733bab0c6cb2.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acservicesmadurai.com
ad.doubleclick.net
ad.turn.com
ad4.adfarm1.adition.com
ads.yieldmo.com
allwinrotoplast.com
ap.lijit.com
audi-kolkata.in
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
blogstudiio.com
bttrack.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.shopify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.admanmedia.com
cs.lkqd.net
cs.media.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
imagesrv.adition.com
imps.monu.delivery
invstatic101.creativecdn.com
js.stripe.com
kinesis.us-east-1.amazonaws.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
monu.delivery
mug.criteo.com
o.clarity.ms
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
orchidlifesciences.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
protected-by.clarium.io
q.stripe.com
region1.google-analytics.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.tribalfusion.com
s.update.tas.yieldmo.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.yieldmo.com
storage.googleapis.com
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
windsorhelmets.com
www.ausadvisor.com
www.clarity.ms
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xeqe-t3lw-i7hv.n7.xano.io
xsync.iqzone.com
yieldmo-match.dotomi.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
b1sync.zemanta.com
bh.contextweb.com
bttrack.com
c1.adform.net
cm.g.doubleclick.net
contextual.media.net
cs.admanmedia.com
cs.lkqd.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
ib.adnxs.com
idsync.rlcdn.com
image8.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
oajs.openx.net
pixel-eu.rubiconproject.com
pixel.tapad.com
rtb.adentifi.com
rtb.mfadsrvr.com
ssbsync.smartadserver.com
stags.bluekai.com
static.yieldmo.com
sync.1rx.io
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
u.openx.net
ups.analytics.yahoo.com
x.bidswitch.net
xsync.iqzone.com
yieldmo-match.dotomi.com
103.53.42.80
104.16.224.78
15.197.193.217
154.59.122.79
162.19.138.82
162.251.85.8
172.217.16.134
172.217.16.194
172.217.18.2
172.64.151.101
178.250.1.9
18.154.63.108
18.154.63.48
18.154.70.139
18.173.233.47
18.193.96.13
18.245.60.72
185.64.190.78
2.18.160.23
2001:4860:4802:34::36
216.52.2.48
217.79.188.46
217.79.188.60
23.227.60.200
2600:9000:2057:3000:19:7d10:bd80:93a1
2600:9000:2057:c000:1b:83f3:bc0:93a1
2606:4700:10::6816:3456
2606:4700:3033::ac43:9fcb
2606:4700:4400::6812:2b5a
2606:4700::6810:5614
2606:4700::6810:cc42
2606:4700::6811:180e
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::201b
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a01:7e00:1::b903:5c4c
2a02:2638:3::3
2a02:2638:3::c
2a02:4780:11:1102:0:3a78:25a8:7
2a05:d018:d29:3605:885b:36b0:5c58:578
3.227.250.155
3.253.142.96
34.102.146.192
34.120.135.53
34.255.27.143
34.91.62.186
34.96.70.87
34.98.64.218
35.156.218.59
35.186.236.140
35.190.39.111
35.193.186.65
35.208.249.213
37.157.6.243
37.252.171.149
45.132.244.92
46.228.174.117
5.9.19.146
50.31.142.95
51.20.47.97
51.38.120.206
52.152.143.207
52.40.111.159
52.95.115.196
54.172.57.125
54.187.159.182
54.194.196.88
68.178.145.107
68.219.88.97
69.166.1.67
76.223.111.18
76.76.21.21
00b811e83a10b7aa4065e927327a2e9c1c4f0519daf98476bcba5679404bcf78
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
061d8e7c1bd3457c8e9f9bb5aca28a698d051c45b1b77c222da3b2633fc86960
06b17e901024681148c83859977a196718d05617b1302ad4229bf7e3fc926a3f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
08714d833c0df51b80bb7372e103fd74f2eddccdd85f7536f24ffd01e1e46c05
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1042aafff8900191e1382ffc47b47850123c911e7d5514344b9e32e35a4497e2
10e63073cfa84b0219cd0ebd7f024084710fe9c95a5704e98cd4e7a7b99a5e1d
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
188970294c038ff63152c4d5a24826712b55357208fd221346d1b2711e418c29
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1d7e03c68fcc6ad29c7208c6b4f9c9503b197364f854859c3b005d92c733e204
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
21232df38efb78483333d5526954f4605c3865a0469641b3a3783968046ffc95
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2333469322b3e46a20588aa539392248479d55c62f775410a83d9c0e985abcdc
28cd33d7eaf1080e2d9d9c3a96ab1e7e19548b7b3ffc55b394107a113e63f959
2987216b5f0a5d90c19ce1e9990b32f8d3ec0cf9be1bc27a2c450dd3c5a15615
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b78fd99d494ecf27e92d3c50546b9c8dddf2c1594ed1418838dcde769b5edb2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fdc9998bb1b65f7bd255818faae25b40e971e10880297da69bc7390ba227ff8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326b1b6d000e21f049d96bc3516ca8fcb72476ec5697e401b8b90054dbbb9d24
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
35d531fa91623a548b867a831abe0d86225db6d79ea96fd9a4e9ee8be927ed96
36f5a5b3575b3a9576a088016e5d57e581a78bb721de85b65a6260ab83dc0806
371bea793a961498f152f362a5687ecb34a830a9371cef347b8078e842f3b7f9
378f15cfe0efbf3aab757fe58fb2fe2f0e6846befb6eed058dd51e8d00337435
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a6e92336ac1b537348604812c44a4f737740a206cfd3a582837f110f498f608
3bb947388318a3b186da4bacfa70c3d6a120be03af0d07d924ce27ed2f5e8513
3e69aaa727280da277edd6b911b02616c9e78fc9dad41ccd3bec0808afcc5a3f
3ecce84f51607f85b8f43d0dd6dbaf22feb4f747eba4259b8090c6a4635e64b1
404b044529fcb04ac567087c7641580a23548b5f117b35ee3b1aefbb90522f2c
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42b51f770fea56c8f23a535669b11fbe783dcd5172fe7c361eb1f962f384d0b6
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
454c4b12973fa49438bf37fb0fb1cb8aa90374f9ab26c12e7b3cd7cfd0e0b08a
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ae9a9e8b29ad04aee83a42b9f227dd212149055bc42e600af291ca72ee4e75
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48190aacfc1f940049159ccbecc1a0c70c12c5d08c1a99259321c75bfd2c8aac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd94383bd2fe946321adc8a4867b2410056793eea6fc445ca9a4e960c543883
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a
539e7d179bcf2ca0d3d00f5ffac5c84affa7e6601f05e2c2b268fb689bb5ec8e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
574e4a5ec3c6c9aadd8e0b7852e206bb20c82b02e96f6b66d8ebdc3f0aee5e54
585b37dd02d1257b295554b55a8838d92ad7898ed433d105512c9fa5c6a62bd5
58de2bd932bf316694dec245a08c45a84e4d5caf95c6bd993a6285d28d5845d9
5a568d568719c81b59d1b5a1217e1ebf709a44621d0a733f1a6d7282f8d36b7c
5a600e562878048db57f538e50cf4ad066ae4de746611bf592285688b053aabe
5b9109b00805f1fc936700c00ed5a255e8f02cd661c6e911659fb451be4abccf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f1333348c7b2cd9973d4fb92d265c804f0237db32d0775ac320f26363c4e52e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6220e6ef65b6a090d2abe4d8fc9b707cfbe92951179610f27079cf76a49e4f61
62b00c910812c1e8aadf49e6671ff7dd6865e0cd0ee43e214d6d30628f9b3643
62f45bc646ebc22f78e41abd8437b41e5a042d82e9d5c8c22d38eefc9acde92c
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277
6444389dac37e9dfb38c666dda6a7ec826033c3de18723ad9ee690dc6d446c95
644806f46afdc2eed430b2054d2244760eac0da4a55366bc659431f49505c9df
647326da24a38f83b7fbdc6dfee0626232d324770aaa3536148ebaefce24dec2
67e22b0d7a1976ff1252abbd9bf7fee5a8d42d9a9a824e003ede2e3de7ac4866
680bbb5ca56e2c4caeb08de2b912b559e0804ab5745adb8759ec91dbf2c32a40
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6963d0d717c48645bfc09cd6813e2eb54e3a01ca9ede7238b54dcd764709b414
6b609960d76825c63d1bf24e1a34fb86f6f625109fe2bda4319d029c8a87c22c
6ea0c8b7ceec5042b33d055ba557f042561920ff56f20aa62b2d310d49a189b9
723cae47a349e7a82f1b1d282caaf539db77ebfa4264aa95ee8638b5c1fb0c85
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
7542a88385203267507334dfe316097d73841ad41d5d27c381f966760863c63c
756eeafaa80b166bbd005a7e9210305f452e8afb2b4b08de36bd36182c466a77
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7c1fa96181647a65de9b79fa1236273e9ae7543d49ec578419ac25d4aa841489
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
82a93a1a7c4aa97210ac48d43398d9c5e0cab2d971449799fe1520cc119e53c1
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
85b358cdd9195bbc36153154c3a482d588f2098f2e29f60230d17645db8b0f7b
8710cd4f6502a626e388836dffc39d45860656c1b1cb1f54c4d11c5749d1fce1
883c856b8b93171c2a9473c203259c6c94b612b35c0b46d4844a98a6b92febaf
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8ac3dd23805da89428ef9a59b047f1b401c68c48337a324c701eb2227befd038
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92a084f3f19118c4a91b62c28a8482b3f4a6188b832524eda8b596d6f970ff77
92b53deaa6fa27ab40babb6a349419dcebe8a353c95dbdd77a24039aa0d9cce3
938a0ddbbcb33c796157d4fba269fe90bc9c101c8c16972f3b8e024b45b7f3f8
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
97413eba74e956c5993f494746253b2dce56815b7d7f0290769abe03fe8baa47
97d03eacb71f0bacc9d1c388bf03c478bf3fbd3e6de507d488c3dfd4cb3081f7
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fdf4fc45d9aabb0f3c7686a1d71fca9bb4dfcaa404508ec4758c6df166d506
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a8651f04e233856dc69a9deb366e6207a4aadd258a2d2ff29d5ca3b76b5f5a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be7c919587a78ab06d19acbff7e2cbed141a8f0f41826b8e4da95e7feb7ad45
9c13cc428e876371e3b18e93626afff136c05dbcf4c1b1fd40acaf6a9302ceca
a03ed6cac15aaf82999b70584282f410909b7492e4bc8440b12693726cec6f74
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a32209d8c04dd5b8fed66b7d436dcae41dd743e8e4cd23809a4d836f23f29fd6
a4e9f915b9b49a75d3d62bd5772886bb506dc9daecee1de821a1613cdd709415
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a64f49dbb3b9a61bae49d9f1ca65d451758d652b9b69c21d08780b03f4badd9b
a75dc0ffd04141bcd0992e3fe2a48d4ccbf54192aef19c0385a05af85800b5f9
ac0616bffea261c865d269d5828615bbb5a45c092db52396457c1bacd647282e
ac0a024b760a77b0538a98637d29cfdf047b340468ab52d9034ae1b422b23a45
ad634268f20b31876d8ec07f7bd731ffc2269a7a7da0cf1dd3841ce308a9e824
ae90c0029bb3718a5b2ba8022e9f669f08fbed6fbd4c5fb5e101e3ce108c9d6d
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28a7e03e4d1948b96be3cc0b96cbe3b58d478ac74e0d44058598336e598eae6
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b406adffe6d2119f394b2c2752e0229e0a9c065238b1f6561419c543217d0b0d
b654a6dc1c6f6867b36bd07a734279ebe5e91f8b90213873d71f15cf314b2515
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
ba712e5b1f7341b9c67768f9b1d52bd23fc315f670ee8cd566c787bdc5a57eb1
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd1855f703f86ecbeb0e5b7b05afd9ac67115c1ea3a332e742cae330c8c38061
bdb20960f5980d9919be69f8187898e786326f27196d284acfdc70e28d467eaa
bf5cb5cbadcbbfb5560f7a66eb69a0bc2aabab171bfc75512f5b4cbebd0880a6
c1a30cf3edea1533dfb330dbd98c9da3ecd9376df9226b7adc8bac47c2efcf38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c6948095a767494aad9c856d0bd7ec56a649492a8dd4ec1e9bd7006f9efc9e5b
c7197ac11a25886b41feae687bf038b7396048a4cd44b261b0fc2281b0952a6a
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cde2f211748f34a378b365d8dc7d50d1a10cc95f2b496fde86a99657dfeb3c32
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d07e4e836cd124671484a38ab283ec1350fb73ad53576467c881f7c8d0cf4724
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d1626ead5be3b93c5e4c47f4a8770438fddad715e10091b758a6b5ea488a130b
d27049015bfa3e2b16c5ba1ceaabd1dd5f8dde1d7328892a3c136fa7e4f4e79c
d45acca0ad4275bead10cb1f40152b503e68f2324d4211f5b6cb0d44615125e4
d4887b618c05a3860e88dd98fb93fcfce39bb5e94f8faa78dca4b0fee48500bb
d6602be0a69f79f69f7d6afe52eacd5576e28efe03c224e9e68983f90457d869
d83d69490b396f0951cb61c01068348ed88bcc06f099242e6e554f5dd9eaf1f6
daeb8c9cdee78aff968d4ae04c5200b1055a9f0be7037dcbf9ed18a2569ad804
db28dee3188db0ff0467d7183b85858c0a7f4536c6da42116d9e2bd622c628c8
dce3673298be4dc503a4c592e99f51ea1976ca53153ff9471bf713e31b78f343
dda2ee212c28e13dc8dcc02592c31984d79a093d43587f04072b0e39bd846fcb
df664f663d05aee9ae2f902c95328da1f231d77965e22c99cccbc0ff50be2e13
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e0173217f068b0d2ca3be4e67a47a4a93db5b2138a9806d7a71fe7aab679e726
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0b4fb437dcaadf2cdefdf6683164b9e0806690d38039e60ca24931d20a5274b
e0de5ebc6421fb3d279d6bc8e6776b737740cfb27468eee029d3e4540298ae0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce6f9035f344273090fb0577a4fbb1d779cf37bc796b0562cb74478bcf6909
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5dbce7a651650a0d0e72753675e83a082ede4f395be199f88fe8a5930aed7d0
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cee5a22f055d054992c663926f15e185768509764ae08a470be4ae2835d861
eb5036bad8662eb3aeca1984456f9d3bbc3ad934ef96c6e46f64a86fbae1d5af
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb8958b37843949e6a1d11be515a8a16d8bc0c801532ce0229dc874b61d08e42
ec38d20e03f80b022f190520a91fe222337cc0a4683ca3d294ccbe165c5c8c01
ed163235ac3b07f67dea8cf8cf888bb8b511c3ce0491f1c9d44cadda335636e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef76888962399ce2019fcb4a9b41291c9fd42bdbb18baa04bd4c5989bcc3fe80
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0fc41b219afc93d024364efeae9244e8d1152189e749f2df30c1628c533fa27
f15bb91ee057ddd53a9ba420110246abf42d52680779a9241dc4d6c0a630f62b
f18275049daa1832b33c32fc9aa5712e9b92687aa886501265f9fe5a68a7fee9
f2372b5746a7c8eccffeb32c5d71f2c714dec6d99d8de3aa13822559bef90461
f26089f52db1a1542c4df0a4721519d7fb1ea9e4bcccc6888b68afb6593b4cb2
f5b2811bb2115a9eb09f3390dd78e10d409bfa58491b77042f8eda1023d1ab2c
f9ea70640bd2e9597c3216379efc05643392affd822e291e783f584ccf565944
fc224d3011797e57d3347c2634fb65febbd148d567e888bcca566026ed314fab
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fea6e657a1e731bed37587f90346a14cbf2f43296a9c73ef2125f8b4843be14c
ff25806ee306cc6438d3efdd46f8fd14d2ea14e909a625c15506909bf7f4d5d1
ff72b5d28bbdd4f749e02db6540a9f3398a0156d6f19fdbed6723ba25318942a

folkd.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

695 Requests

83 %HTTPS

37 %IPv6

85 Domains

117 Subdomains

72 IPs

12 Countries

9682 kBTransfer

25722 kBSize

75 Cookies

10 Outgoing links

Page URL History

Redirected requests

695 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

695
Requests

83 %
HTTPS

37 %
IPv6

85
Domains

117
Subdomains

72
IPs

12
Countries

9682 kB
Transfer

25722 kB
Size

75
Cookies

695 HTTP transactions
12 data transactions