www.folkd.com Open in urlscan Pro
2606:4700:3035::ac43:caae Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.folkd.com/user/vieclambienhoadongnai
Submission: On August 18 via manual (August 18th 2021, 1:30:12 pm UTC) from VN

Summary HTTP 77 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3035::ac43:caae, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.folkd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 8th 2021. Valid for: a year.

This is the only time www.folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:303... 2606:4700:3035::ac43:caae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:9c00:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	99.83.169.100 99.83.169.100	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
20	89.163.211.233 89.163.211.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.66.124.68 3.66.124.68	16509 (AMAZON-02) (AMAZON-02)
2	89.163.211.242 89.163.211.242	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1 6	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
4 4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.227.54 178.79.227.54	22822 (LLNW) (LLNW)
2	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
77	28

14 2606:4700:3035::ac43:caae (United States)

ASN13335 (CLOUDFLARENET, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:9c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.169.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 89.163.211.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

brain.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.124.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-124-68.eu-central-1.compute.amazonaws.com

trx.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.242 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cdn.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

ad18.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.54 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-54.vie.llnw.net

asset.conrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	rvty.net brain.rvty.net cdn.rvty.net	99 KB
14	folkd.com www.folkd.com	173 KB
7	ad-srv.net 1 redirects ad.ad-srv.net ad18.ad-srv.net	8 KB
7	yandex.com 2 redirects mc.yandex.com	2 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	5 KB
4	adscale.de js.adscale.de gaa.adscale.de trx.adscale.de	12 KB
3	google.com www.google.com adservice.google.com	1 KB
2	contentspread.net cdn.contentspread.net	4 KB
2	zenaps.com 2 redirects www.zenaps.com	1 KB
2	awin1.com 2 redirects www.awin1.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	conrad.com asset.conrad.com	22 KB
1	conrad.de www.conrad.de	706 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	655 B
1	gstatic.com www.gstatic.com	133 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	googleapis.com ajax.googleapis.com	24 KB
77	21

	Domain	Requested by
20	brain.rvty.net	js.adscale.de brain.rvty.net cdn.rvty.net
14	www.folkd.com	www.folkd.com
7	mc.yandex.com	2 redirects www.folkd.com mc.yandex.ru
6	ad18.ad-srv.net	1 redirects brain.rvty.net ad18.ad-srv.net
5	pagead2.googlesyndication.com	www.folkd.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.contentspread.net	ad18.ad-srv.net
2	www.zenaps.com	2 redirects
2	www.awin1.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	cdn.rvty.net	brain.rvty.net cdn.rvty.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects www.folkd.com
2	js.adscale.de	www.folkd.com js.adscale.de
2	www.google.com	www.folkd.com tpc.googlesyndication.com
1	asset.conrad.com	ad18.ad-srv.net
1	www.conrad.de	ad18.ad-srv.net
1	ad.ad-srv.net	brain.rvty.net
1	trx.adscale.de	js.adscale.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	gaa.adscale.de	js.adscale.de
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.folkd.com
1	ajax.googleapis.com	www.folkd.com
77	29

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
vieclam.dongnai.vn
facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-08` - `2022-01-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.rvty.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-02` - `2021-10-04`	a year	crt.sh
ad-srv.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
www.conrad.de Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
asset.conrad.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-21` - `2022-08-20`	a year	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.folkd.com/user/vieclambienhoadongnai
Frame ID: 9770935B0AD4CCB7ED83E98D6340733E
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: E61A229427818A6D5E89635CFAF91DCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1629293374&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629293374740&bpp=4&bdt=189&idt=107&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214243453259&frm=20&pv=2&ga_vid=705950091.1629293375&ga_sid=1629293375&ga_hid=1804259283&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C20211866%2C31062297%2C31062165&oid=3&pvsid=1202342738192366&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: A0CF53DAD7B82E7B0C8B8FC4667AA10D
Requests: 1 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Frame ID: 77F9362E394826E588369BF2E70B7536
Requests: 5 HTTP requests in this frame

Frame: https://trx.adscale.de/imp?ej=NTIxMjU1MDUwNDc1NGNiYoJ4yvhYd8x-yEGJktIj0Di3TvLPOkH7Hf0npPq6FuVKlWLQplQoj3ScS_afy0KMJ_ARpMc5WK1OrX3Epvl7vxTHJZzzAXSPPdQTp_KKWYUl8RelwThHvArgKpXKpnv3QIBDzKxdZYYo0hqn-4tLz22xe5idbl-0Eegpk9Wzf_c3k1e66B06xliMC6n3ihyRUqBhidB-A_NuuDPMwrJ69WWSVeqyTTfLD44AqKSQVtcE5zae2yJZn3b-ZYqeoHr1d4tZ6pJGe6VHz1O9qoxYhgT7CYvgMhXANYY3n5C9arAo2W34kGJ0skHoUu3Z2UiKGupB2vkLEJB7yjSMuLwtuH_bduPNbiT2Q_wNuYqIToBH7UHQq1YcxSLNL5Wo4SfkP8978ptnPukAvlzl-oRWrVvtQdD9A1_RZIpl1te0ZchjwHXlzDdy6QLuXfvnhgesVvcU0fgERtggwn-MjuJzxHTNJefIKGSwRasY5PrASfJE_QnFulwG8yTGaIWTpye7IN8z94NuN8QV9ESn8sNGy1S6Qb7nTA3mcpUlisWgc_w2jiOGhXggkRb5XfvnjFGVW_5R4_YLSf54rSSLgq5rp3fcMoyDZT2MAe5L7-eMUYUzmRCgoQFY-miNLrue_DSnCbtU5fJKDLU4rwKZ-plCzmreG5bQcC7iceFG1q3KYOJIrmn5tAVNhwOoIvSX6ASKZZtfwYNne7BgnUTZ_4Axvxe5c-PmHwvfE_ggjIzlQ_Zzm0nBh3k473GcQ7To1CGUFf9_o-MaDosUqiaM2-MQ9iyaR8DbeWi7cZJAurrQcsQdr36m6UBc2RDwJduI6RTzJJkflMtsfqp_hVe47aBk0R67J63lXkqTUbNjlt2CSPN410jClw44-jLWQaztrHjfWrYssfRvVJ9_tzPLhMIouijVSd-ATW6vUYIG56ahWt9JoSCp5QQKjWugN9OQkWzva40CxYRqbuQFx2ey9_RO1Unubav2CwrKYaJFntWSJ6c6mi_Ckikw-k-ScbL39E7VSe59o_xCEsB_vEGG29YovDudCeGVI2HiRY1vtvf0T9lV-WyTtxlDj2ehTdeQkW3jd89cuJU1Yf8VyCKl-eUUwU3_cJrmRg3dL7xQ0JzJNqUkkhX0lS9isw2GcofVjXP6d9lMp9Z9I-NI1FCr9-4clAS8ItOfE0WMau5y5bixX9tK72edy0wW2DinPKKanX24JYEU-KU4QL1K1FXN9L9HmnDPX7bqbw6fZvYnqJDKJP8UjSb7ix1p9gjUHdziv0HTNv5Vuv8_U8Qk9nikgdcgvVGbB9uLWnH-FdhIiKO0T84l0mm45y8Vm2aMJ_zC2A67QbsM1oRKN6EA7UuPp_Qs3SjJf6LUOF7CZa8i64XOWK9drFOArVE7rgHDTZ3gnT3MMsI308glTt4j-Sv8jO5Y4BCtRbqvTCCIRotYleOAetoy_wD2gn4RuH6laaLNsUj4Ht1vhOsZeNY_1RmA95MskDzxTeuZcB-_UZZ19YTnSeIey2-P_Bx2yTTkDNjhkirTM6pCvs4tVOUWhWi5keZPoXLaMpz0DzOEd6dEm_CCLtEGv0DKkX1A7RjJZqHS0GudK41x-qlTcd42-F-D_vIP7lvMFZvZJxSsYJ0t8JedYcxh7kfelQomnVClA8Ggs1P_Q8JlvfplTfQ18HCk0v4yiyCqANnYXyuVWYMViPCMV-hFw3a8vAxY5QzqcarK6jaENqZantVqObV-jwLPpJ4UvlDHNu2wRhvQC-ZmjNb3YNs_l0SIwyN1pCncAO26hAX3HfIx4adqEZF5rmWe3-px1SeUUI3UDz2zHNsM-oyCEKdC8BnphH1YwHm1eNi25HHLMZU1y-EIMaQpwBqb2YkcpF_FR66SbV_QC_p8-rX6eYh9pCPd8QwztU6bDpTclB77X54R88NJHoBiuX3nrMR_iSvwdIGGKGzuC9calI7-TqcTtVm0qgoPgXijOK660H7iPoB1ls5jfPEUwkH-06gbjnfkV6zsVUuXcvYjzOKdKuhC0Gae2Dcv8xPDR_XU_BrYe7JSqesHDY4zc_f3kg==&rns=YzNkMzhlMDkxOTUwNDdmN6cgr0tIeU0hnXUBmqX552eVGMx_K0l0GahBNauSzYJe9C78Gk55RzuEY1vE5qTkJ6NHknQrC2UB8BEuocqGikjXLvQNZ2QWZIIzFNW48-9k9VrWN19INAbrV32xmsnNVdd29FsqOlgk0TkI3fa07XUxFWyd
Frame ID: C68E577A1CF03C683D08E068CA054717
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_278235_1629293375_544802a0-0028-11ec-a5ea-692d04ef6a29&insert=AW
Frame ID: 45CB98CD59B9FDC002B5302BFB0F17AB
Requests: 1 HTTP requests in this frame

Frame: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Frame ID: 3F9AA57076184A2D0FB66F3959DBA9F1
Requests: 8 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: 1AC9E51A8E3ED27B0C6C0808C8DA56C8
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4F40110C93721E94C64224849ACA3AED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9DE1218FDB199C568B5D8254A0BD4F66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

77
Requests

100 %
HTTPS

62 %
IPv6

21
Domains

29
Subdomains

28
IPs

5
Countries

817 kB
Transfer

1735 kB
Size

15
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/folkd
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/folkd
Title: facebook

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/
Title: https://vieclam.dongnai.vn/

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/viec-lam-huyen-vinh-cuu/cong-ty-may-mac-kna-apparel-sourcing-kcn-thanh-phu-cv21
Title: Công Ty May Mặc Kna Apparel Sourcing KCN Thạnh Phú

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/viec-lam-huyen-trang-bom/cong-ty-delson-technology-tuyen-dung-kcn-song-may-cv19
Title: Công ty Delson Technology tuyển dụng KCN Sông Mây

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/viec-lam-thanh-pho-bien-hoa/cong-ty-may-mac-tuyen-dung-lam-tai-kcn-amata-cv4
Title: Công ty may mặc tuyển dụng làm tại KCN Amata

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/dich-vu-cung-ung-nhan-luc-la-gi-t5
Title: Dịch vụ cung ứng nhân lực là gì?

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/viec-lam-thanh-pho-bien-hoa
Title: Việc làm Biên Hòa

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/nhu-cau-nhan-luc-cuoi-nam-2021-nhu-the-nao-t7
Title: Nhu cầu nhân lực cuối năm 2021 như thế nào?

Search URL Search Domain Scan URL

URL: https://vieclam.dongnai.vn/viec-lam-huyen-nhon-trach/cong-ty-gach-men-nhon-trach-can-tuyen-dung-cv5
Title: Công ty Gạch Men Nhơn Trạch cần tuyển dụng

Search URL Search Domain Scan URL

URL: https://facebook.com/folkd
Title: Friend us on facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9369.ckXIbr1dDI59HL5GkQhcAAADv4IbDb1ACPr_pR8rqvV2DdYs6AiB8PF6-nd-jYL5.hULG_mjYCs6w_i-CiV7Y5pNUH-g%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9369.B5z4ly3a-h2Z4GaWQ0RfV-Dc4F1DBKbKkwel-W4fElviSbqbY78NrCypBMFtZV90349_BfR49R7XjIqhmS9Idw%2C%2C.8PPLZN-8_Qhe6WsLXJzjX4cTRgk%2C

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc= HTTP 302
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBWyeTjn-ZeYYlX0UaN0lwo&google_cver=1

Request Chain 39

https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A324%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A593696281343%3Ahid%3A115003590%3Az%3A120%3Ai%3A20210818152935%3Aet%3A1629293375%3Ac%3A1%3Arn%3A248335679%3Au%3A1629293375956947042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629293374398%3Ads%3A9%2C18%2C118%2C0%2C1%2C0%2C%2C172%2C2%2C%2C%2C%2C324%3Adsn%3A10%2C17%2C118%2C1%2C0%2C0%2C%2C177%2C2%2C%2C%2C%2C324%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629293375%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com HTTP 302
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A324%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A593696281343%3Ahid%3A115003590%3Az%3A120%3Ai%3A20210818152935%3Aet%3A1629293375%3Ac%3A1%3Arn%3A248335679%3Au%3A1629293375956947042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629293374398%3Ads%3A9%2C18%2C118%2C0%2C1%2C0%2C%2C172%2C2%2C%2C%2C%2C324%3Adsn%3A10%2C17%2C118%2C1%2C0%2C0%2C%2C177%2C2%2C%2C%2C%2C324%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629293375%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com

Request Chain 40

https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=2827934946016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=2827934946016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 41

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=98019600101701301324219011690018&gdpr=&gdpr_consent= HTTP 302
https://www.zenaps.com/cshow.php?pvr=544802a0-0028-11ec-a5ea-692d04ef6a29&v=11354&r=278235&q=371933&s=2470169&viewref=98019600101701301324219011690018&pv=1&gdpr=&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_278235_1629293375_544802a0-0028-11ec-a5ea-692d04ef6a29&insert=AW

Request Chain 45

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=98019600101701301324219011690018&gdpr=&gdpr_consent= HTTP 302
https://www.zenaps.com/cshow.php?pvr=544fcad1-0028-11ec-9723-692d00a25ac2&v=11354&r=278235&q=371933&s=2470169&viewref=98019600101701301324219011690018&gdpr=&gdpr_consent= HTTP 302
https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_160x600?format=gif

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vieclambienhoadongnai Show response
www.folkd.com/user/ 29 KB
7 KB 145ms
118ms Document
text/html 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ec1743dfa6c249a08fc2cae6af4979c7188b264d04bf059e3245290369bd26

Request headers

:method: GET
:authority: www.folkd.com
:scheme: https
:path: /user/vieclambienhoadongnai
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9BYhMC46qG6ERYQtg%2FubOM72frQDKv8rjYPcsgyG%2BJEbyL4dL38aiHXcXvDSdlvpzwcF03cQtasOJkS06IXMHsoAWz89RXUTgqVcytGOHh3k0jtntw0ndWousypSrXmWGy7uC%2FSHgNiqjNd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 680b7de62c7e1f1d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 folkd.css
www.folkd.com/styles/ 39 KB
10 KB 32ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/styles/folkd.css?v=1.20
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c

Request headers

:path: /styles/folkd.css?v=1.20
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 07:03:16 GMT
server: cloudflare
age: 6788
etag: W/"9d15-5b9b421dc4f0e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgtZ6mQ8jNIxn6Rbwr3ckOG9FgdocPQ44lw527U4XsGm3yo7QsTpIueqLxrljivcGsFg4dCXmTnJA%2FJvFRBXldzlNw3%2FliMXvZTfeRsEN0Q3YIGYIlAsULOt0u7rxrad1IWvJOwwnsKrDXb%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680b7de71fc94321-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
653 B 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02402554cc1ccd6be73f28e27f69066460e1b0e812ef5b475efec29393e3d42c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 18 Aug 2021 13:29:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 52ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f5dbb6cdbbf0771770cd1026eddd94c479e2f31ebcf7767023305ed608c9669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49843
x-xss-protection: 0
server: cafe
etag: 7105350476181517620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 13:29:34 GMT

GET
H3-29 200 logo.svg
www.folkd.com/images/ 2 KB
1 KB 21ms
15ms Image
image/svg+xml 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/logo.svg
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425

Request headers

:path: /images/logo.svg
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Jan 2021 09:15:21 GMT
server: cloudflare
age: 4456
etag: W/"68a-5b8741cb69c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygC%2B22qlEbuKflyTWPP121ho0avy%2Fru66Eu4%2BQxKxfdlVLVozqE9ZnqAMHgjH3CMPXMDTm5Gx0dBAZnr9E9Wu7VwAkUsJ3xCWiR27mtYtdu7%2Fix%2FXtHpe9GozxsaUT4SD%2Bx9sj0KQApehI9G"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680b7de7382b4321-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 offline.gif
www.folkd.com/images/ 910 B
1 KB 23ms
18ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/offline.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5

Request headers

:path: /images/offline.gif
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4400
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 910
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "38e-54f9eda3d113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsifenA1b4Igh9gLLkBhsEjYR4JSzLUJd536B7KgmYjzOgiW7YmyIEe%2B%2FH35RyPgDeFuwIriRBkZfXt1cwpO7y8%2Be2sIPnpBnpyS%2FfBg5Vj7nGxnJfhgAqGvsxXzkpJbftI6f2ASI1oOu67j"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 680b7de738304321-FRA

GET
H3-29 200 userTkcEBFEAAg_big.png
www.folkd.com/images/ 7 KB
7 KB 26ms
21ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkcEBFEAAg_big.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547bfceaf709b040835484d1995c17a4eca8ee48eb4703352c67dbfe27c7c706

Request headers

:path: /images/userTkcEBFEAAg_big.png
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6755
last-modified: Wed, 18 Aug 2021 13:05:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M462ZBjulxvILoAK4I%2Bn%2F754RPwBpRVClyuFzK0cTRwCuSeYv2sCCiZN3FywHYmgVWvX%2B2INSXeu6MX4nSEQv%2FWLFAr%2FJFUv5UdrSSUgIEdq4FVvsCG%2Flogf6sHUZkQSxHB%2B4WSLqnwsj2u2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86405773
accept-ranges: bytes
cf-ray: 680b7de738344321-FRA
expires: Tue, 14 May 2024 15:05:47 GMT

GET
H3-29 200 userTkcEBFEAAg.png
www.folkd.com/images/ 1 KB
2 KB 21ms
16ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkcEBFEAAg.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da04fd5fa27be5ef40b10598ed8f1aa55e399f92f69a40e9527c715241dc55a4

Request headers

:path: /images/userTkcEBFEAAg.png
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1427
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1481
last-modified: Wed, 18 Aug 2021 13:05:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxSh%2Bs%2Bit0BmTGzJKVaj33cmUA7Azsx9G%2FkAqZ%2FYNwUHZQdN%2BNlx%2FpSXCN3LmeMubaOyfBMjh%2BlZEDm31KzpmIKDigBFGvUlE2y5g%2Bb%2FuWWPRXGLlej%2FbIGIO11c5y6pgQQQISWq4FcaqsCO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86405773
accept-ranges: bytes
cf-ray: 680b7de7383c4321-FRA
expires: Tue, 14 May 2024 15:05:47 GMT

GET
H3-29 200 div_x.gif
www.folkd.com/images/ 971 B
2 KB 22ms
17ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/div_x.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486

Request headers

:path: /images/div_x.gif
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5732
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 971
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "3cb-54f9eda3a03ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4ZvHIt73ax%2FJPaki0Jd2ParGOffnnHbyzcbgGltu%2FiDX%2FqLlTaWEb%2F8WJfsuFiam%2F0pPU4iOUI%2BtZSxdPFWZlIR4W015uNzfHSS0foEN1rNhn%2FT0NqcDRxbyiKe8Hx22JjFnVgwLDJQtLQK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 680b7de7383d4321-FRA

GET
H3-29 200 dot-tag.gif
www.folkd.com/images/ 989 B
2 KB 44ms
39ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/dot-tag.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7

Request headers

:path: /images/dot-tag.gif
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 May 2017 07:09:27 GMT
server: cloudflare
etag: "3dd-54f9eda35fcc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJY0vtd70myLawFfzpY%2FvkF0yT3bM3Ohp4q4a9LSisskUWm%2F%2BeEWLf5BCFaPEbJUtiEm9wBndW8hE0GuGUZPlLFMF1i%2BBYO%2FwcTcGmg9jgPqOUbgMlhBNHF2oc0K4FrfBI%2BVx1W8rQl4SOLO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680b7de7383f4321-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 989

GET
H3-29 200 email-decode.min.js Show response
www.folkd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.folkd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 10:09:00 GMT
server: cloudflare
etag: W/"6114f33c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOE%2FoiTu%2FmSyjMphRLRhpi5Ju9jqlPoM7JlwMczBYMcOA4VQ%2FX4gT5eM27TtpvyOWnyEVtGT2Xes7huiaaFD0S2rIIcnhCAA34AwqHuBr7Ow7x1ET2cliccJEp7l3%2FEM%2FzaovtCGRaDfKlun"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680b7de71fd94321-FRA
vary: Accept-Encoding
expires: Fri, 20 Aug 2021 13:29:34 GMT

GET
H2 200 getads.js Show response
js.adscale.de/ 25 KB
9 KB 48ms
12ms Script
application/javascript 2600:9000:2190:9c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eyeA48zhI0XdFKGFfEELJ7lqKdKD2mHI
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 03:15:33 GMT
server: AmazonS3
age: 5119
etag: W/"50bb3a4af6413e0bf7a261465cbb90af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Wed, 18 Aug 2021 12:20:35 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: QTdGUBPTjYe6r9m3RG1qQs7AkyaQq5usr3TPmSiudvosyCCFy5-l2g==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
24 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 07:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 07:52:20 GMT

GET
H3-29 200 jquery.cookie.js Show response
www.folkd.com/js/ 4 KB
2 KB 19ms
14ms Script
text/html 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/jquery.cookie.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

:path: /js/jquery.cookie.js
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Aug 2021 11:59:16 GMT
server: cloudflare
age: 5418
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEyjNcf3ZdSPtbB7QomNmxF5OCNo%2FPtW42gGp%2Bo3bURrZ88Fk07oNnUzmKfYjg%2Fw1wzKsckMG2641QmoDZgt8ehlm8TwiyEYnybxPlUh9DQH67%2B9OmCgyfyAPidM6miXMmyotZ%2F0sajpPhiB"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680b7de738224321-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 common.js Show response
www.folkd.com/js/ 12 KB
4 KB 51ms
45ms Script
text/javascript 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/common.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c

Request headers

:path: /js/common.js
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FopPRVcDkQG2DD5DZFdTDMtZxv9V5u32KWKQbn552r%2ByKXWDwx7%2FxPzWeTzVr1KKSR9qoDJYDP%2FCEZ3qU7DzOvEC8Lsd3qEsCVJOnHMuhGUo0kPskCqUVBgHX1rS6dmTYavnCsr4iT7WK8zS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 680b7de738244321-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 page_userdetails.js Show response
www.folkd.com/js/ 483 B
811 B 20ms
14ms Script
text/html 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/page_userdetails.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8

Request headers

:path: /js/page_userdetails.js
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Aug 2021 11:59:16 GMT
server: cloudflare
age: 5418
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56l4wCnM0Sfb3lc4bPTnfVagTxtoCj8fqcbCtYPYPLZcsX4EZzO6xbeWZQ6npcbotP8fmQNPGAzQMxgOoPuc%2FFKo7IGMxgxLRJs%2FrRMeI6mO3WtK5dgJ1MwZIl4ni6Rjs31NDl6Z38XE2MTZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680b7de738274321-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 25ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4499241-1

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e3ec3a6d9e4047ad08e9c2a47519d282ae588353cd864318e8feb85864e8593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41004
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 13:29:34 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/ 341 KB
133 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.folkd.com
Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 10:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136003
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:02:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 10:38:27 GMT

GET
H3-29 200 folkd-sprite.png
www.folkd.com/images/ 121 KB
122 KB 24ms
21ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/folkd-sprite.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/styles/folkd.css?v=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738

Request headers

:path: /images/folkd-sprite.png
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/styles/folkd.css?v=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/styles/folkd.css?v=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6381
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 123879
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "1e3e7-54f9eda3e49bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdTXoLBVKB4DHxYYh0QXX4aovjx7MpuIzZXi4yWso%2FmMI1zJ6uqZUCU0Q6OvO4ZXjznrWFw%2FUrOxh%2BIyJFOs57ecJnhaXsSdGvLVWzEIXHxHXPqc6Cw60uST%2FjD0WN5tHJzRCS%2FHQjlPUGVV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 680b7de738434321-FRA

GET
H3-29 200 new_updates_bnr.png
www.folkd.com/images/ 11 KB
12 KB 46ms
44ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/new_updates_bnr.png?v=3
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5

Request headers

:path: /images/new_updates_bnr.png?v=3
pragma: no-cache
cookie: PHPSESSID=caovluan5u2pkq6cvb3mh253t4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/vieclambienhoadongnai
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/vieclambienhoadongnai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6381
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11344
last-modified: Mon, 22 Feb 2021 14:37:04 GMT
server: cloudflare
etag: "2c50-5bbedbc478400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrfRmzVUMu2AbvCadUuNVJ6T3Q24AGVjd9q8j1nPoTYumz%2F5y1QkjmvVqDrWl4tMRWwq1mBpsWd0KLjUF%2FO7rOFsoQnXqKESIrol%2FeUn7my%2Fjm9qpoyxlDaz%2BcTorznwFEPhgVHzPcR93Xvk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 680b7de738464321-FRA

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 225 KB
72 KB 45ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: br
last-modified: Wed, 18 Aug 2021 13:04:30 GMT
etag: "611112b5-11dd4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Wed, 18 Aug 2021 14:29:34 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 13:29:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame E61A 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 17 Aug 2021 20:32:15 GMT
expires: Tue, 31 Aug 2021 20:32:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 61039
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impr Show response
gaa.adscale.de/ 3 KB
4 KB 164ms
113ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=YjY2ODA=&nu=0&t=1629293374794&ssl=1&pos=below&ws=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&uuid=fda8d493-03e8-4514-8fd8-02bd57a44341
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: dd9c2d1b4b3af97c3e7300fecd684868a979e8787d31a09bddb091334131254a

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 3294
content-type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4499241-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 953
date: Wed, 18 Aug 2021 13:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 18 Aug 2021 15:13:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 52ms
28ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.folkd.com&callback=_gfp_s_&client=ca-pub-3319618738478027

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

05611cbd6365794aecc45ef70340ba5e75373a38ecbdf7d2cca57b60b5aa51cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.folkd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.folkd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0CF 0
16 B 26ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1629293374&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629293374740&bpp=4&bdt=189&idt=107&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214243453259&frm=20&pv=2&ga_vid=705950091.1629293375&ga_sid=1629293375&ga_hid=1804259283&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C20211866%2C31062297%2C31062165&oid=3&pvsid=1202342738192366&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1629293374&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629293374740&bpp=4&bdt=189&idt=107&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214243453259&frm=20&pv=2&ga_vid=705950091.1629293375&ga_sid=1629293375&ga_hid=1804259283&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C20211866%2C31062297%2C31062165&oid=3&pvsid=1202342738192366&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 18 Aug 2021 13:29:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113446242536"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Wed, 18 Aug 2021 13:29:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1804259283&t=pageview&_s=1&dl=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ul=en-us&de=UTF-8&dt=vieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1213955790&gjid=142769606&cid=705950091.1629293375&tid=UA-4499241-1&_gid=699740032.1629293375&_r=1&gtm=2ou8g0&z=1791530276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9369.ckXIbr1dDI59HL5GkQhcAAADv4IbDb1ACPr_pR8rqvV2DdYs6AiB8PF6-nd-jYL5.hULG_mjYCs6w_i-CiV7Y5pNUH-g%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9369.B5z4ly3a-h2Z4GaWQ0RfV-Dc4F1DBKbKkwel-W4fElviSbqbY78NrCypBMFtZV90349_BfR49R7XjIqhmS9Idw%2C%2C.8PPLZN-8_Qhe6WsLXJzjX4cTRgk%2C

75 B
75 B

44ms
44ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9369.B5z4ly3a-h2Z4GaWQ0RfV-Dc4F1DBKbKkwel-W4fElviSbqbY78NrCypBMFtZV90349_BfR49R7XjIqhmS9Idw%2C%2C.8PPLZN-8_Qhe6WsLXJzjX4cTRgk%2C

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:35 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9369.B5z4ly3a-h2Z4GaWQ0RfV-Dc4F1DBKbKkwel-W4fElviSbqbY78NrCypBMFtZV90349_BfR49R7XjIqhmS9Idw%2C%2C.8PPLZN-8_Qhe6WsLXJzjX4cTRgk%2C
date: Wed, 18 Aug 2021 13:29:35 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4499241-1&cid=705950091.1629293375&jid=1213955790&gjid=142769606&_gid=699740032.1629293375&_u=YAhAAUAAAAAAAC~&z=1687711048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 18 Aug 2021 13:29:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
132 B 48ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:35 GMT
last-modified: Wed, 18 Aug 2021 13:04:30 GMT
etag: "611112b5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 18 Aug 2021 14:29:35 GMT

GET
H2 403 userconnect.js
js.adscale.de// 0
0 138ms
137ms Script
application/xml 2600:9000:2190:9c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de//userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame 77F9 1 KB
1 KB 41ms
13ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 95cbebaec13b00a30a8aeaf686494ce603e07e7e6e35675c0fc9f281e27beebd

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.folkd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

Server: nginx/1.13.4
Date: Wed, 18 Aug 2021 13:29:35 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=a667936c-c225-4f5d-ad24-df1338c51fae; path=/; SameSite=None; secure; Expires=Thu, 18 Aug 2022 15:29:35 CEST RTBUserId-Old=a667936c-c225-4f5d-ad24-df1338c51fae; path=/; secure; Expires=Thu, 18 Aug 2022 15:29:35 CEST RTBUserId-Plain=a667936c-c225-4f5d-ad24-df1338c51fae; path=/; Expires=Thu, 18 Aug 2022 15:29:35 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H/1.1 204
No Content imp Show response
trx.adscale.de/ Frame C68E 0
149 B 70ms
17ms Script
application/javascript 3.66.124.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trx.adscale.de/imp?ej=NTIxMjU1MDUwNDc1NGNiYoJ4yvhYd8x-yEGJktIj0Di3TvLPOkH7Hf0npPq6FuVKlWLQplQoj3ScS_afy0KMJ_ARpMc5WK1OrX3Epvl7vxTHJZzzAXSPPdQTp_KKWYUl8RelwThHvArgKpXKpnv3QIBDzKxdZYYo0hqn-4tLz22xe5idbl-0Eegpk9Wzf_c3k1e66B06xliMC6n3ihyRUqBhidB-A_NuuDPMwrJ69WWSVeqyTTfLD44AqKSQVtcE5zae2yJZn3b-ZYqeoHr1d4tZ6pJGe6VHz1O9qoxYhgT7CYvgMhXANYY3n5C9arAo2W34kGJ0skHoUu3Z2UiKGupB2vkLEJB7yjSMuLwtuH_bduPNbiT2Q_wNuYqIToBH7UHQq1YcxSLNL5Wo4SfkP8978ptnPukAvlzl-oRWrVvtQdD9A1_RZIpl1te0ZchjwHXlzDdy6QLuXfvnhgesVvcU0fgERtggwn-MjuJzxHTNJefIKGSwRasY5PrASfJE_QnFulwG8yTGaIWTpye7IN8z94NuN8QV9ESn8sNGy1S6Qb7nTA3mcpUlisWgc_w2jiOGhXggkRb5XfvnjFGVW_5R4_YLSf54rSSLgq5rp3fcMoyDZT2MAe5L7-eMUYUzmRCgoQFY-miNLrue_DSnCbtU5fJKDLU4rwKZ-plCzmreG5bQcC7iceFG1q3KYOJIrmn5tAVNhwOoIvSX6ASKZZtfwYNne7BgnUTZ_4Axvxe5c-PmHwvfE_ggjIzlQ_Zzm0nBh3k473GcQ7To1CGUFf9_o-MaDosUqiaM2-MQ9iyaR8DbeWi7cZJAurrQcsQdr36m6UBc2RDwJduI6RTzJJkflMtsfqp_hVe47aBk0R67J63lXkqTUbNjlt2CSPN410jClw44-jLWQaztrHjfWrYssfRvVJ9_tzPLhMIouijVSd-ATW6vUYIG56ahWt9JoSCp5QQKjWugN9OQkWzva40CxYRqbuQFx2ey9_RO1Unubav2CwrKYaJFntWSJ6c6mi_Ckikw-k-ScbL39E7VSe59o_xCEsB_vEGG29YovDudCeGVI2HiRY1vtvf0T9lV-WyTtxlDj2ehTdeQkW3jd89cuJU1Yf8VyCKl-eUUwU3_cJrmRg3dL7xQ0JzJNqUkkhX0lS9isw2GcofVjXP6d9lMp9Z9I-NI1FCr9-4clAS8ItOfE0WMau5y5bixX9tK72edy0wW2DinPKKanX24JYEU-KU4QL1K1FXN9L9HmnDPX7bqbw6fZvYnqJDKJP8UjSb7ix1p9gjUHdziv0HTNv5Vuv8_U8Qk9nikgdcgvVGbB9uLWnH-FdhIiKO0T84l0mm45y8Vm2aMJ_zC2A67QbsM1oRKN6EA7UuPp_Qs3SjJf6LUOF7CZa8i64XOWK9drFOArVE7rgHDTZ3gnT3MMsI308glTt4j-Sv8jO5Y4BCtRbqvTCCIRotYleOAetoy_wD2gn4RuH6laaLNsUj4Ht1vhOsZeNY_1RmA95MskDzxTeuZcB-_UZZ19YTnSeIey2-P_Bx2yTTkDNjhkirTM6pCvs4tVOUWhWi5keZPoXLaMpz0DzOEd6dEm_CCLtEGv0DKkX1A7RjJZqHS0GudK41x-qlTcd42-F-D_vIP7lvMFZvZJxSsYJ0t8JedYcxh7kfelQomnVClA8Ggs1P_Q8JlvfplTfQ18HCk0v4yiyCqANnYXyuVWYMViPCMV-hFw3a8vAxY5QzqcarK6jaENqZantVqObV-jwLPpJ4UvlDHNu2wRhvQC-ZmjNb3YNs_l0SIwyN1pCncAO26hAX3HfIx4adqEZF5rmWe3-px1SeUUI3UDz2zHNsM-oyCEKdC8BnphH1YwHm1eNi25HHLMZU1y-EIMaQpwBqb2YkcpF_FR66SbV_QC_p8-rX6eYh9pCPd8QwztU6bDpTclB77X54R88NJHoBiuX3nrMR_iSvwdIGGKGzuC9calI7-TqcTtVm0qgoPgXijOK660H7iPoB1ls5jfPEUwkH-06gbjnfkV6zsVUuXcvYjzOKdKuhC0Gae2Dcv8xPDR_XU_BrYe7JSqesHDY4zc_f3kg==&rns=YzNkMzhlMDkxOTUwNDdmN6cgr0tIeU0hnXUBmqX552eVGMx_K0l0GahBNauSzYJe9C78Gk55RzuEY1vE5qTkJ6NHknQrC2UB8BEuocqGikjXLvQNZ2QWZIIzFNW48-9k9VrWN19INAbrV32xmsnNVdd29FsqOlgk0TkI3fa07XUxFWyd
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.124.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-124-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=3600
Expires: Wed, 18 Aug 2021 14:29:35 GMT

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame 77F9 3 KB
4 KB 44ms
12ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H/1.1

200

GoogleMatch
brain.rvty.net/RTB/ Frame 77F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc=
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBWyeTjn-ZeYYlX0UaN0lwo&google_cver=1

43 B
553 B

13ms
11ms

Image
image/gif

89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBWyeTjn-ZeYYlX0UaN0lwo&google_cver=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBWyeTjn-ZeYYlX0UaN0lwo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 4sxtd47yng2k Show response
ad.ad-srv.net/zone/ Frame 77F9 10 KB
3 KB 47ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/4sxtd47yng2k?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 3377f438420a836595ca640d7b9bfed8e3dfdb3bc26cfa2c153bfa2311009afb

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2844
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

1 Show response
mc.yandex.com/watch/71239210/
Redirect Chain

https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A324%3...
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A324...

316 B
453 B

48ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A324%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A593696281343%3Ahid%3A115003590%3Az%3A120%3Ai%3A20210818152935%3Aet%3A1629293375%3Ac%3A1%3Arn%3A248335679%3Au%3A1629293375956947042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629293374398%3Ads%3A9%2C18%2C118%2C0%2C1%2C0%2C%2C172%2C2%2C%2C%2C%2C324%3Adsn%3A10%2C17%2C118%2C1%2C0%2C0%2C%2C177%2C2%2C%2C%2C%2C324%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629293375%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

345467e392777d540317ff44607c0317aa74aa2d8437b2f592ded3384839343e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 18-Aug-2021 13:29:35 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Wed, 18-Aug-2021 13:29:35 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:35 GMT
last-modified: Wed, 18-Aug-2021 13:29:35 GMT
location: /watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A324%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A593696281343%3Ahid%3A115003590%3Az%3A120%3Ai%3A20210818152935%3Aet%3A1629293375%3Ac%3A1%3Arn%3A248335679%3Au%3A1629293375956947042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629293374398%3Ads%3A9%2C18%2C118%2C0%2C1%2C0%2C%2C172%2C2%2C%2C%2C%2C324%3Adsn%3A10%2C17%2C118%2C1%2C0%2C0%2C%2C177%2C2%2C%2C%2C%2C324%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629293375%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 18-Aug-2021 13:29:35 GMT

GET
H/1.1

200
OK

request.php Show response
ad18.ad-srv.net/ Frame 77F9
Redirect Chain

https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...

2 KB
1 KB

64ms
41ms

Script
application/x-javascript

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=2827934946016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 48b398567e8b10e21ad14ca47b40f1db7e2709b870a56a9502e71bd402a4f30a

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 13:29:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 98019600101701301324219011690018
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 732
Expires: Wed, 18 Aug 2021 14:29:35 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 13:29:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=2827934946016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 18 Aug 2021 14:29:35 +0200

GET
H2

200

ztpv.php Show response
www.conrad.de/ Frame 45CB
Redirect Chain

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=98019600101701301324219011690018&gdpr=&gdpr_consent=
https://www.zenaps.com/cshow.php?pvr=544802a0-0028-11ec-a5ea-692d04ef6a29&v=11354&r=278235&q=371933&s=2470169&viewref=98019600101701301324219011690018&pv=1&gdpr=&gdpr_consent=
https://www.conrad.de/ztpv.php?awc=11354_278235_1629293375_544802a0-0028-11ec-a5ea-692d04ef6a29&insert=AW

0
706 B

67ms
43ms

Document
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.de/ztpv.php?awc=11354_278235_1629293375_544802a0-0028-11ec-a5ea-692d04ef6a29&insert=AW

Requested by

Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=2827934946016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.de
:scheme: https
:path: /ztpv.php?awc=11354_278235_1629293375_544802a0-0028-11ec-a5ea-692d04ef6a29&insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://brain.rvty.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

date: Wed, 18 Aug 2021 13:29:35 GMT
content-type: text/html; charset=UTF-8
server-timing: intid;desc=bd60d6568dea44ce intid;desc=af8cb206055a7e4c
cache-control: no-cache
expires: -1
set-cookie: HTLP_timestamp=1629293375; expires=Mon, 23-Aug-2021 13:29:35 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Mon, 23-Aug-2021 13:29:35 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=6637775091326b76d3e3ebf9a9fdd9876d4159c7-1629293375-1800-AerV5bXtdoGzUZds/nZFoMZxerltS2/Ygs0pGPoINPv1txWsbsUWPdp5h13fjYgGmPyAlXjdFM4A4ion1Cg+Ygo=; path=/; expires=Wed, 18-Aug-21 13:59:35 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 680b7ded6b364a5c-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.de/ztpv.php?awc=11354_278235_1629293375_544802a0-0028-11ec-a5ea-692d04ef6a29&insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Wed, 18 Aug 2021 13:29:35 GMT
Connection: keep-alive
Set-Cookie: awpv11354=278235|1629293375|544802a0-0028-11ec-a5ea-692d04ef6a29;domain=.zenaps.com;path=/;expires=Saturday, 21-Aug-2021 13:29:35 UTC;Secure;SameSite=None AWSESS=377133:2470169;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
ad18.ad-srv.net/ Frame 3F9A 6 KB
2 KB 36ms
12ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Requested by: Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=95aade57fa&subid=&uid=7af623bf020b3cb3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629293375136%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D5d8f955ba28c4c098544174e9a60ee03%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=2827934946016&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 8d02b9d1bb37e9d3f0c2cc54cdd10a922a992524cbe2a272b4a2c994f699e447

Request headers

Host: ad18.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://brain.rvty.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=362643a6a394604f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 18 Aug 2021 14:29:35 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2060
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame 1AC9 91 KB
91 KB 17ms
17ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 11ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H2

200

SOMMERSALE21_160x600
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame 3F9A
Redirect Chain

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=98019600101701301324219011690018&gdpr=&gdpr_consent=
https://www.zenaps.com/cshow.php?pvr=544fcad1-0028-11ec-9723-692d00a25ac2&v=11354&r=278235&q=371933&s=2470169&viewref=98019600101701301324219011690018&gdpr=&gdpr_consent=
https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_160x600?format=gif

21 KB
22 KB

59ms
20ms

Image
image/gif

178.79.227.54
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_160x600?format=gif

Requested by

Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.54 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-54.vie.llnw.net

Software

Cliplister GmbH /

Resource Hash

a7701deb1b5a1c107625a6e2a118ed0a20e46001d2d73db0a085d811a1398b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ad18.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:35 GMT
last-modified: Wed, 18 Aug 2021 06:59:10 GMT
server: Cliplister GmbH
age: 22870
etag: "611cafbe-54a5"
strict-transport-security: max-age=15768000
reporting: eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc0cXZ4VWNOMzNoT195WG0wc2RmWUhNQVQiLCJ1dWlkIjoiYTcxNjFiMDM4ZWY2YjQ1MDliZmQ1MzZiYmVjY2M1ZDZjIiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=172800
x-server: c20
accept-ranges: bytes
content-length: 21669
x-llid: a57348ad698693db0bc3b872c771ee3d
expires: Fri, 20 Aug 2021 07:08:25 GMT

Redirect headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://asset.conrad.com/media10/isa/160267/c1/-/de/SOMMERSALE21_160x600?format=gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 3F9A 0
150 B 36ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=98019600101701301324219011690018&a=40d83197&vb=m
Requested by: Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 3F9A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/oliro/tools/js/ Frame 3F9A 851 B
1 KB 38ms
10ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/oliro/tools/js/addDoubleBorder.js
Requested by: Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://ad18.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Last-Modified: Sun, 01 Mar 2015 14:40:33 GMT
Server: nginx
ETag: "54f324e1-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame 3F9A 3 KB
3 KB 38ms
7ms Image
image/png 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by: Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Referer: https://ad18.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:49 GMT
Server: nginx
ETag: "57a48d4d-c35"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3125

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

997e69acd69f6dd6a50f5ae04968fa7f6270578c7a9f4cc9c5e0eac20c889169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 13:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8620
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 265ms
264ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 18 Aug 2021 13:29:35 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:35 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4F40 12 KB
5 KB 20ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 18 Aug 2021 13:01:03 GMT
expires: Thu, 18 Aug 2022 13:01:03 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9DE1 783 B
532 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e8e652cbc8b1305018c411bf127c5ff25f570c7659f50b2f50982b051003a87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+B0ZktPReV80iqUUqj/yKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

expires: Wed, 18 Aug 2021 13:29:35 GMT
date: Wed, 18 Aug 2021 13:29:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+B0ZktPReV80iqUUqj/yKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F40 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 08:47:56 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210812&jk=1202342738192366&bg=!X1ylXBjNAAZvV8FTb1c7ACkAdvg8Wub3HA9KzuIheRXewMZhUlvg3Xo7B90TXHmko99bfkvUngCXYgIAAADTUgAAAAloAQcKABs265lxTYiHIB7mtkZs3DHARtNm655VZH_xA9qZAmmzBqe157loHI1U8f1pIghL8gQb3w5dbpDnU_2slRhAd6m088gzxKcjrjvUBTRlGjZLFv6heO3cpXvMB-_mo7UijW_IaGFzqmrlkOuZDMSzkHFVV8odGY2WcYKJsVTUuZRXRkuvseDKdyeNNIJY5E9v5Jb9qw2H59Q6Et9Wha0ceqZ2rTpFkR2rZv6A14JejalJgADAR6TDsqL0mW4JbKDPWcyjx_4lLFLmCB99FGhPYHa8vtB_WNiF3ZFAuLRZX_NiW2-BVz8tdcFZ7Ycn5KKnfbjYtvXCp46M-0DjpWEgIRNBuoCLa2862jpQ9KUwLQ71r8zF-mdlvcP5kme9gwSI_i2Vbpl8TQdtVwfd_1HNWpTpc6ZtURQ_Mxzn4Yu3FVh7bl04vDpVUy1BX_UKkFjMfQAWvSGZecgTdEPdufsHr2NB2HLqb2O-M2UYu_EEGCQJg0Hq0ZirpxKQAAp4PAKS5h89ZWl2oWzJw91XyOVml1B8Ihxn5DKgiCBbl-0ZoFVl9pvNxupcLZ8fID9MMkLr-FmGmTnIKUQdu0WiuFAxF8EiGbGfbFbu-2nBhYeVmj7WcsvOElzpe2H1O_kobisgE7CQEPCdf6eo85dSNGlgYVMykW7L5VrofBpguEiZ4AGv1M-ZOxmmyTVDB1PLnGOlCp4t-udNf31LKkb-cuzkAiH2In-bOo7K5XdXt9M-ROd3ThEEb0qX4Cz_0OSPmFJIxNsNxnI0j5LNsig6vUoSx9sQy1ozfWVgegGFp1VWlRqp5TEkRKCoLlDZ6fxjDrffepyvl2yYMCKYLtDDo_-RPHGNPnQdToSrLA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:36 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 3F9A 0
150 B 38ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=98019600101701301324219011690018&a=40d83197&vb=v
Requested by: Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:36 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 12ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:37 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H2 200 71239210 Show response
mc.yandex.com/webvisor/ 43 B
73 B 136ms
135ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=115003590&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rn=606122584&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629293378%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A20210818152937%3Au%3A1629293375956947042%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1629293378

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:37 GMT
last-modified: Wed, 18-Aug-2021 13:29:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 18-Aug-2021 13:29:37 GMT

POST
H2 200 71239210 Show response
mc.yandex.com/webvisor/ 43 B
148 B 108ms
108ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=115003590&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rn=897798269&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1629293378%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A20210818152937%3Au%3A1629293375956947042%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1629293378

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 13:29:37 GMT
last-modified: Wed, 18-Aug-2021 13:29:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 18-Aug-2021 13:29:37 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 43ms
43ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:38 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 14ms
14ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:38 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 13ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:39 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 221ms
221ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:39 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 14ms
13ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:40 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:43 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:46 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 225ms
225ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:49 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 15ms
15ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:52 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 13ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:55 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 3F9A 0
150 B 41ms
18ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=98019600101701301324219011690018&a=40d83197&vb=v20
Requested by: Host: ad18.ad-srv.net
URL: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad18.ad-srv.net/request_content.php?s=98019600101701301324219011690018&a=2c95aa11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 13:29:55 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 24ms
24ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:29:58 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 42ms
36ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:30:01 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility
brain.rvty.net/RTB/ Frame 1AC9 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=5d8f955ba28c4c098544174e9a60ee03&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a667936c-c225-4f5d-ad24-df1338c51fae&euid=af30bdc8d1bbfd6bdc6de6e8371b9e8c8cf0e8f6a3b2159f294babea29f796a2&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 18 Aug 2021 13:30:04 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.conrad.de/	1970-01-19 20:34:55	Name: __cf_bm Value: 6637775091326b76d3e3ebf9a9fdd9876d4159c7-1629293375-1800-AerV5bXtdoGzUZds/nZFoMZxerltS2/Ygs0pGPoINPv1txWsbsUWPdp5h13fjYgGmPyAlXjdFM4A4ion1Cg+Ygo=
www.conrad.de/	1970-01-19 20:42:05	Name: HTLP_timestamp Value: 1629293375
.ad-srv.net/	1970-01-19 22:44:29	Name: kdb0xdq3ls8m_uid Value: 362643a6a394604f
brain.rvty.net/	1970-01-20 05:20:36	Name: RTBUserId Value: a667936c-c225-4f5d-ad24-df1338c51fae
.doubleclick.net/	1970-01-20 05:56:29	Name: IDE Value: AHWqTUndkkWt3ZD3o_OSRRxm2UEhbKr6An5-idLHQxPdGPK-ACTLb89KeU9PRPiPXco
www.conrad.de/	1970-01-19 20:42:05	Name: CEAffHA Value: YD
.folkd.com/	1970-01-19 20:34:55	Name: _ym_visorc Value: w
.folkd.com/	1970-01-20 05:20:29	Name: _ym_d Value: 1629293375
.folkd.com/	1970-01-20 05:56:29	Name: __gads Value: ID=011c9c287fe5631c-225e9165adc9005c:T=1629293374:RT=1629293374:S=ALNI_MZEXEhvNYvbvYglR83r6paFqYfrog
.folkd.com/	1970-01-20 14:06:05	Name: _ga Value: GA1.2.705950091.1629293375
.folkd.com/	1970-01-19 20:36:05	Name: _ym_isad Value: 2
.folkd.com/	1970-01-19 20:36:19	Name: _gid Value: GA1.2.699740032.1629293375
.folkd.com/	1970-01-20 05:20:29	Name: _ym_uid Value: 1629293375956947042
.folkd.com/	1970-01-19 20:34:53	Name: _gat_gtag_UA_4499241_1 Value: 1
www.folkd.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: caovluan5u2pkq6cvb3mh253t4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad18.ad-srv.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
asset.conrad.com
brain.rvty.net
cdn.contentspread.net
cdn.rvty.net
cm.g.doubleclick.net
gaa.adscale.de
googleads.g.doubleclick.net
js.adscale.de
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trx.adscale.de
www.awin1.com
www.conrad.de
www.folkd.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
104.111.239.217
142.250.184.226
142.250.186.130
144.76.91.199
145.239.2.103
176.9.26.250
178.79.227.54
2600:9000:2190:9c00:f:4f64:8940:93a1
2606:4700:3035::ac43:caae
2606:4700::6812:7e05
2a00:1450:4001:800::2002
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9a
2a02:6b8::1:119
3.66.124.68
89.163.211.233
89.163.211.242
99.83.169.100
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
02402554cc1ccd6be73f28e27f69066460e1b0e812ef5b475efec29393e3d42c
03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5
05611cbd6365794aecc45ef70340ba5e75373a38ecbdf7d2cca57b60b5aa51cb
09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
1e8e652cbc8b1305018c411bf127c5ff25f570c7659f50b2f50982b051003a87
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8
2e3ec3a6d9e4047ad08e9c2a47519d282ae588353cd864318e8feb85864e8593
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3377f438420a836595ca640d7b9bfed8e3dfdb3bc26cfa2c153bfa2311009afb
345467e392777d540317ff44607c0317aa74aa2d8437b2f592ded3384839343e
3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c
48b398567e8b10e21ad14ca47b40f1db7e2709b870a56a9502e71bd402a4f30a
4f5dbb6cdbbf0771770cd1026eddd94c479e2f31ebcf7767023305ed608c9669
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
547bfceaf709b040835484d1995c17a4eca8ee48eb4703352c67dbfe27c7c706
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425
5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
66ec1743dfa6c249a08fc2cae6af4979c7188b264d04bf059e3245290369bd26
688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5
8d02b9d1bb37e9d3f0c2cc54cdd10a922a992524cbe2a272b4a2c994f699e447
95cbebaec13b00a30a8aeaf686494ce603e07e7e6e35675c0fc9f281e27beebd
997e69acd69f6dd6a50f5ae04968fa7f6270578c7a9f4cc9c5e0eac20c889169
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7701deb1b5a1c107625a6e2a118ed0a20e46001d2d73db0a085d811a1398b12
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
da04fd5fa27be5ef40b10598ed8f1aa55e399f92f69a40e9527c715241dc55a4
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
dd9c2d1b4b3af97c3e7300fecd684868a979e8787d31a09bddb091334131254a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

www.folkd.com Open in urlscan Pro 2606:4700:3035::ac43:caae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

62 %IPv6

21 Domains

29 Subdomains

28 IPs

5 Countries

817 kBTransfer

1735 kBSize

15 Cookies

11 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.folkd.com Open in urlscan Pro
2606:4700:3035::ac43:caae Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

62 %
IPv6

21
Domains

29
Subdomains

28
IPs

5
Countries

817 kB
Transfer

1735 kB
Size

15
Cookies

77 HTTP transactions
1 data transactions