www.folkd.com Open in urlscan Pro
2606:4700:3035::ac43:caae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3wkPE0Y
Effective URL:
https://www.folkd.com/user/hoatuoi9xcom1
Submission: On July 14 via automatic, source links-suspicious (July 14th 2021, 12:31:29 am UTC)

Summary HTTP 71 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3035::ac43:caae, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.folkd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 8th 2021. Valid for: a year.

This is the only time www.folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
15	2606:4700:303... 2606:4700:3035::ac43:caae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:d600:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	75.2.86.129 75.2.86.129	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
15	89.163.211.233 89.163.211.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.158.66.80 18.158.66.80	16509 (AMAZON-02) (AMAZON-02)
2	89.163.211.242 89.163.211.242	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
2 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	178.79.227.54 178.79.227.54	22822 (LLNW) (LLNW)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
71	27

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3035::ac43:caae (United States)

ASN13335 (CLOUDFLARENET, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:d600:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.86.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 89.163.211.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

brain.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.66.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-66-80.eu-central-1.compute.amazonaws.com

trx.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.242 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cdn.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.150 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

ad8.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.54 (United States)

ASN22822 (LLNW, US)

asset.conrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rvty.net brain.rvty.net cdn.rvty.net	98 KB
15	folkd.com www.folkd.com	167 KB
7	yandex.com 2 redirects mc.yandex.com	2 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	170 KB
6	ad-srv.net 1 redirects ad.ad-srv.net ad8.ad-srv.net	8 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	5 KB
4	adscale.de js.adscale.de gaa.adscale.de trx.adscale.de	13 KB
3	google.com www.google.com adservice.google.com	1 KB
2	awin1.com 2 redirects www.awin1.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
2	googleapis.com ajax.googleapis.com	102 KB
1	conrad.com asset.conrad.com	28 KB
1	conrad.de www.conrad.de	706 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	258 B
1	gstatic.com www.gstatic.com	133 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	bit.ly 1 redirects bit.ly	147 B
71	20

	Domain	Requested by
15	brain.rvty.net	js.adscale.de brain.rvty.net cdn.rvty.net
15	www.folkd.com	www.folkd.com
7	mc.yandex.com	2 redirects www.folkd.com mc.yandex.ru
5	ad8.ad-srv.net	1 redirects brain.rvty.net ad8.ad-srv.net
5	pagead2.googlesyndication.com	www.folkd.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.awin1.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	cdn.rvty.net	brain.rvty.net cdn.rvty.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects www.folkd.com
2	ajax.googleapis.com	www.folkd.com ad8.ad-srv.net
2	js.adscale.de	www.folkd.com js.adscale.de
2	www.google.com	www.folkd.com tpc.googlesyndication.com
1	asset.conrad.com	ad8.ad-srv.net
1	www.conrad.de	ad8.ad-srv.net
1	ad.ad-srv.net	brain.rvty.net
1	trx.adscale.de	js.adscale.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	gaa.adscale.de	js.adscale.de
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.folkd.com
1	bit.ly	1 redirects
71	28

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
hoatuoi9x.com
devpost.com
www.ulule.com
www.pearltrees.com
linkhay.com
facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-08` - `2022-01-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.adscale.de Amazon	`2020-09-06` - `2021-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.rvty.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-02` - `2021-10-04`	a year	crt.sh
ad-srv.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
www.conrad.de Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
asset.conrad.com GeoTrust RSA CA 2018	`2020-06-19` - `2021-08-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.folkd.com/user/hoatuoi9xcom1
Frame ID: B611C967BDCD0CAE80466000CBF1520E
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Frame ID: C76A3A3A365266DA204BAD1496B49CAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1626222668&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626222668541&bpp=3&bdt=196&idt=84&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1897807005777&frm=20&pv=2&ga_vid=779628854.1626222669&ga_sid=1626222669&ga_hid=1044991804&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2059903315110358&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
Frame ID: 7D639A38067D899B17C2DEAE8BFBF457
Requests: 1 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Frame ID: B5A62E914DF105A05E33798FF07680DA
Requests: 5 HTTP requests in this frame

Frame: https://trx.adscale.de/imp?ej=Yjk0YmY5YjQxNzA5NGNiZGZoY5thhZ1VKFp_N9IWMDNKSgzpCOL0O2E-XQ3wclgeKHM10TzVw1lZEy46xhQqPARRXL9Voao4NUFLS5J9R1l3JT3SJYOQCQNzfXmgT3FvTxAE6gmh43BtECkKgnVAWX0mNtg7l9VIWiIfJqAHJSgpT1u9Ga33emoQLguQMAgZHRtrjSOexkBaKAA-qQhSOzE5Hv5G7I8keBIiXJs7MVhUAHjLJ9u2EExwEmX4CFRvMjZI_xO-hCF5EyNH1Co1GlFCIZB96v1RHDEZd_gIRnY-Nmj0X9DMYCoGLVvaezUGblcagDG1vilOJBdq6E0ZJAokatBQx8pHK1ZeDsp3KxcmBgO5NOXwZRlvbGj4Tx92RDUxgQDUxgMgWV8LwS0tRCUBBrJh5PRiAnV9YqhJVWYfIzaDQ8jWEXEFLwfZADFEJQECt3L74HNBMQJhujJXaRE4YI5fwtIRJBxkA40CZQ10XFTrOfrwPQZrDWf5akc3RWpkxxuSlVRhA3lFw1x3B2lIFrN50fQ5EWIQIq0VEyVTei-BSObFCz1AZEfeYTEfNRtD8i3K52pZIRQzuxN4exchYZVMq8pSb0cjCoxxGkJzDAunKNuocENlSmf8A38xAGVkyXyi2BVhX3hL3mAQRG4RFrA_zbxwQ2VaD5tCPGYKdGDZXKjoCTMAeDW5Bnk1QSAviX6Eym1WdhFW3EkKF3sCeMAwwIU6BVQ9dKw7ZXMOYR2yeaSnACcwVVnOAlxLOlYq0EGJ1DcRVid74iA5M0o5WbUl3KdSYx9DWdgCWAR-ADiCEeifagd8d229Y2k0TGYM5CLdqwtmHkZeilEKAnQDPNYVuZ44Xnt2aLtlMmZAM1-yId39CT0ZRgrYUxBKYkAwx1O-mEBNO3wo4Go-eFZ5HvFnkKhiYRkaRI8FTCgkEH2URaqYTFE1OCXrdi9JSHUw9TfN8SIBUEpGjhhba3JFHsAC4dNBczUrMuduPiIWZyTiM9XlcUUFCR7FAl9Mcg5KhWO0ghRnPyt9qmwtLRYgLuBBmKByDk1YCegFSQ8sEADQdbSCFGc_K326ZCdkDiow_kWArjYBVlkOziZOBX0ICs9rsIIUcSQwYbxPOnxfMjrjScPxeFMeRBPJKhZeO1tXhiewmBc9PH4xnmNSG2QIHN9088pWbXksE7JBMXQKe3mxALqkMAJbFjH8Dm43RTUq9E7u-2NWCV9_uyxCFSZaRIcrgI81M3ssFtRCYC8EDwrMZc_YexFXDmSxJhVMYWtItSiuqhx4OSxexVRgKU1JO8Zp2ogmShUOO703CEgjLl6UCK7tBHAkIAuRFWsnUFoX-mvCmGAVV3Rk5XQHZiU-fp8Fof1CLzEVCJYRK0RDVwzscfGPK0xUV2HyMxEwMSJpwFOI5k4gMDsOhFZCVVJNB6QA7ZI7UBIBaOU6MTB-b2jWaYr7VQZ3cxuMVV8SRE06kyWnyWQ2QF0qvntqMGhvVeFMwKAKdzAtCIRZDlhKQ3eOPqnHYxl0THzlOms2PjESrASLohY0FykSkUgKWhMAMIAm5NB_U35HUf09eS52chK6BIC1EzoIIiOEEBxbFUM_2SmxhCsYJABM9nl7MnsRWr5A3uoJIgZlOdsaHlwPYzvSbe_IJQBpF1C8c3AGYA1e8FfNrVAtCnI-yAERak08PdJ778w0THoGW7pAYRpvBh-1Go7uGG4bYjrKNARoK2dr1HnrgGwcfkAA6FFxRUgCBaALiuxBLVxsIok1EDU8Z3f2bvifKEIyThirZ1V5EVVGxlnWrxBsAWw0iQMmCVAxJ7Yts91GCXMfXeZtBDNyY2L6AIHsdj5dLm_IXCYfUAcRilDonBNSNEAKnjlUbDlof6hqysohfARiJrxaOwNSARr9Ga-4bB1wAU7ZPhk5NGB2jnyDmh54E2Qnr1t9akcQI-cYoaB4GX8XQoN5FAwmQFGCa8TODDtFcSPvCnEgBCUk6w-HvGVPIB5znW8CRWpRBtFp5tAWKgw8FugGZgwOZFajDJW1eF4uBnCJahVpIkYz1mXx5hA_XGMUwA5FG0c1VrgR09x2XjAQcewsIG4uUQbNc5CzGzNffiGeSVMLQCUk9xXx32hWc1xA-jowaixAYZZnn7YGMQB-esgUAi8BdU20FOzGVlByChStZkdOcxsk2nOf5GxhXDJRgFNrbBB0V65RpdBCURkfZKxxDwVjBDvPKPW5OjR1VgCOSy0zWjJerh2RjVgGQG4063hIC2IHOpZ_pO9hMiZeUtxPfTtAehq2X4TPQR220rM=&rns=YTJmNzcwOGFhOGY1NDkwNVxrwwAmfrOtYh041UPTHfllXaU0QxuDlAcrC-IgtnucVD_ADSV4tbYrCWWNVN8d5QNWrmNACpeMX3sQ6Hj9c4p3P8gaDGXk6S1ZKpwKiBamVUvqID1UyMtPME71bqoshGRpxgJRIbqnbQoggALGUaSY2FIL
Frame ID: 9B0C6E51D6F8CCC8D1ABF078008EF79B
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_278235_1626222670_c94c50b0-e43a-11eb-946d-692d0237e2f2&insert=AW
Frame ID: 29E6CDFA5A4CCFAE5DA1132ED6173864
Requests: 1 HTTP requests in this frame

Frame: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3
Frame ID: 604C83E8E9CD02ECDF3542473E505427
Requests: 5 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: 9BAD96791DC437D666C48E68032D1F96
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7CFE2AEF01256820E437815F0390719E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3872EE5472D650C54E0E7EB7FEC79435
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3wkPE0Y HTTP 301
https://www.folkd.com/user/hoatuoi9xcom1 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

71
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

27
IPs

4
Countries

881 kB
Transfer

1791 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/folkd
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/folkd
Title: facebook

Search URL Search Domain Scan URL

URL: https://hoatuoi9x.com/
Title: https://hoatuoi9x.com/

Search URL Search Domain Scan URL

URL: https://devpost.com/hoatuoi9xcom
Title: https://devpost.com/hoatuoi9xcom

Search URL Search Domain Scan URL

URL: https://www.ulule.com/hoatuoi9xcom
Title: https://www.ulule.com/hoatuoi9xcom/

Search URL Search Domain Scan URL

URL: https://www.pearltrees.com/hoatuoi9xcom
Title: https://www.pearltrees.com/hoatuoi9xcom

Search URL Search Domain Scan URL

URL: https://linkhay.com/u/vaobong99com
Title: https://linkhay.com/u/vaobong99com

Search URL Search Domain Scan URL

URL: https://facebook.com/folkd
Title: Friend us on facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3wkPE0Y HTTP 301
https://www.folkd.com/user/hoatuoi9xcom1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9333.aQ86TmRv9xyMef462ZEg4jScv9gogGcL-ABX2A0PhEwid5nhgdEI13EqIlQPXfJm.5ZmSaB0pBuA9J7pwOn7c3Y-xV20%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9333.tc_mtz8EWH9gjkWWwLGhXs9OdP8klyYzAFtRlKYq2F_udyi-iEvj-R31JUIuRk0WaOzPus8qrFwZ_F1Y-4Fa1Q%2C%2C.GNXxINPgY5-xMW8XDUq0R_FeDK8%2C

Request Chain 37

https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A368%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1597113744432%3Ahid%3A444515591%3Az%3A120%3Ai%3A20210714023108%3Aet%3A1626222669%3Ac%3A1%3Arn%3A265185367%3Au%3A1626222669391051526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626222668114%3Ads%3A1%2C16%2C102%2C1%2C104%2C0%2C%2C179%2C1%2C%2C%2C%2C411%3Adsn%3A1%2C16%2C102%2C1%2C105%2C0%2C%2C186%2C1%2C%2C%2C%2C412%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626222669%3At%3Ahoatuoi9xcom1%20%7C%20user%20details%20%7C%20folkd.com HTTP 302
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A368%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1597113744432%3Ahid%3A444515591%3Az%3A120%3Ai%3A20210714023108%3Aet%3A1626222669%3Ac%3A1%3Arn%3A265185367%3Au%3A1626222669391051526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626222668114%3Ads%3A1%2C16%2C102%2C1%2C104%2C0%2C%2C179%2C1%2C%2C%2C%2C411%3Adsn%3A1%2C16%2C102%2C1%2C105%2C0%2C%2C186%2C1%2C%2C%2C%2C412%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626222669%3At%3Ahoatuoi9xcom1%20%7C%20user%20details%20%7C%20folkd.com

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc= HTTP 302
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESENgWxS3LYQ3ofg3uJrm22M8&google_cver=1

Request Chain 41

https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7480895406697&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7480895406697&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 42

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=58230800007278001324219011655008&gdpr=&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_278235_1626222670_c94c50b0-e43a-11eb-946d-692d0237e2f2&insert=AW

Request Chain 47

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=58230800007278001324219011655008&gdpr=&gdpr_consent= HTTP 302
https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_160x600?format=gif

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hoatuoi9xcom1 Show response
www.folkd.com/user/
Redirect Chain

https://bit.ly/3wkPE0Y
https://www.folkd.com/user/hoatuoi9xcom1

22 KB
6 KB

120ms
102ms

Document
text/html

2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0539c693b26ace134ac758344d99adf4689a95682797741e6913a7d2e97ec8f6

Request headers

:method: GET
:authority: www.folkd.com
:scheme: https
:path: /user/hoatuoi9xcom1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J9fBbSGQPUBb9nbQRJODpI9bD5vJTlcwoFqCte%2BRv2YPuOEexX9SikU%2BwnjwWnFrfHNdXacMHrtpAVSbSuLn4%2FpXBME93ievJkjoNHgpRH755eSwDnti8FM2YPPM%2BEEi56ymGnBp7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66e6a57c79764e43-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server: nginx
date: Wed, 14 Jul 2021 00:31:08 GMT
content-type: text/html; charset=utf-8
content-length: 127
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.folkd.com/user/hoatuoi9xcom1
referrer-policy: unsafe-url
set-cookie: _bit=l6e0v8-081a73c9ac294e72c0-003; Domain=bit.ly; Expires=Mon, 10 Jan 2022 00:31:08 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29 200 folkd.css
www.folkd.com/styles/ 39 KB
9 KB 29ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/styles/folkd.css?v=1.20
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c

Request headers

:path: /styles/folkd.css?v=1.20
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 07:03:16 GMT
server: cloudflare
age: 3379
etag: W/"9d15-5b9b421dc4f0e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tj8tHA5LZXrFJr3MazHni4Umv%2FNopG9PY1aGxOTjWLxKQ4IQ0lgjL1RMXEkrD1CdIEH5wWXdYUGtC7nwSznXlf5dxEf1YaT4I06r1myJevKQDTsMUgnEYdr4goyKK2ndTLVA79Xcyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66e6a57d5aa42fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
651 B 26ms
25ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 559
x-xss-protection: 1; mode=block
expires: Wed, 14 Jul 2021 00:31:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d557ac01f6bfe50ee326ee5f2d49f424ec776af5da5abb4231083ab4a772feb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48558
x-xss-protection: 0
server: cafe
etag: 17065370731229648185
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Jul 2021 00:31:08 GMT

GET
H3-29 200 logo.svg
www.folkd.com/images/ 2 KB
1 KB 22ms
18ms Image
image/svg+xml 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/logo.svg
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425

Request headers

:path: /images/logo.svg
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Jan 2021 09:15:21 GMT
server: cloudflare
age: 4729
etag: W/"68a-5b8741cb69c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MJ16fRrfuziHQE5%2FEzmVGB%2F8asZHqqMjpNfTIwh8Kbf6QEUpFs0o3a1KmbMTBeBBKm2AFvhROdTONADv8VLcFhBNWUj1sxKyz%2FdJIfYQdfPM5fo97gT46kszCrdl8SMYZ7KBWSwcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 66e6a57d8ac42fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 offline.gif
www.folkd.com/images/ 910 B
1 KB 23ms
19ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/offline.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5

Request headers

:path: /images/offline.gif
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2122
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 910
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "38e-54f9eda3d113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H6mLR6g9SrTR7Bjy5pbm37hqF7aWD%2FYFAsIHDckyq1RK4QGQv%2FFQ7Lp86UsxE0X5Y5QeMIGkQX7waUOtyMTDIyIDkdVBcKcIozZQX8qm7oe10oM7bmtqXFZ4gJRVtrftrQ5MVYKJ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66e6a57d8ac52fa5-FRA

GET
H3-29 200 userTkcCA1EPAQ_big.png
www.folkd.com/images/ 3 KB
3 KB 19ms
15ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkcCA1EPAQ_big.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df95039d01dffc9f8bed21058436e12f52a0866d107a800cfb141fa5134977e

Request headers

:path: /images/userTkcCA1EPAQ_big.png
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7v4eLmV%2BeKfCcy%2FrNJlcaqT0wyOWpVtQF6EvTZYLKw4qa37%2FAShUBGjQT2EWo8cKQVtdIdpwZkXZLhwPqk4f4y9v8YxorCwLIWWayEP0%2F6F6yfzwpGsMQK6YV90ZdYjZXvkE1sXaaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86407176
accept-ranges: bytes
cf-ray: 66e6a57d8ac62fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2793
expires: Tue, 09 Apr 2024 02:30:44 GMT

GET
H3-29 200 userTkcCA1EPAQ.png
www.folkd.com/images/ 632 B
1 KB 19ms
15ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkcCA1EPAQ.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35dbc7791c1c16b1be0f35ff6db81338c24f4f028d0f6909dea350e9f19accc

Request headers

:path: /images/userTkcCA1EPAQ.png
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EYhRF6rF5XvzegmjNaxlDU962z6fsahtESzmY0fQe6rW5UYpTuzCK5hmp8j%2Ff0aP9hpVGb7J6eiVoMf8ZZivVuq3QDbwwQbc5ktRtWm2luaNROb9lBV5kDew8gqnoXZdYQPCoY1%2FUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86407176
accept-ranges: bytes
cf-ray: 66e6a57d8ac82fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 632
expires: Tue, 09 Apr 2024 02:30:44 GMT

GET
H3-29 200 userTkcCBFEBDQ.png
www.folkd.com/images/ 743 B
1 KB 20ms
16ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkcCBFEBDQ.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70e27767d2874998f4da584d0dcee85689d1dfcea8af7f148e7a71099c8ac1a

Request headers

:path: /images/userTkcCBFEBDQ.png
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hAOJG4GkACBLX4vDTrAu8a9FizqUiH55gN7vQahA146KuvHK8B7tSGho75GApWg4U2FuZEHR5IZt7jb9PoMj09Bix9AGq8Kr7ki1TsR0pM1gxc34v%2B3qNQPZoLgVs1Ng8lQxJxPQFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86407176
accept-ranges: bytes
cf-ray: 66e6a57d8ac92fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 743
expires: Tue, 09 Apr 2024 02:30:44 GMT

GET
H3-29 200 userTkIIDlUODQ.png
www.folkd.com/images/ 1 KB
2 KB 27ms
23ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkIIDlUODQ.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3257767220339f2d90be109c653f320eaa20fef3821ec0f0ed04033a0cb7b6aa

Request headers

:path: /images/userTkIIDlUODQ.png
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=end62g4qb6V9lNT%2BaKWR%2FPLOaT11idV33VBaGL2sl2elGzh5DRQPuFulCv16lUKvFEQt6nYDfO967wWNUILDrSGhXBiZuVctlclrL4gndKwLm1XV8%2FiZTVatPrMJFshdmgXWuij5ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86407176
accept-ranges: bytes
cf-ray: 66e6a57d8aca2fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1185
expires: Tue, 09 Apr 2024 02:30:44 GMT

GET
H3-29 200 div_x.gif
www.folkd.com/images/ 971 B
2 KB 19ms
15ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/div_x.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486

Request headers

:path: /images/div_x.gif
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6485
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 971
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "3cb-54f9eda3a03ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hf0lV1wUDzjIKs%2F6He9EnhP9K%2FrOsA4JGTy4VJDRe2H4c9sxnc%2B2dJKti9xMq55JNYP60kgfKMenDUDRzgumAcv2XprIrIldB8S%2BmG%2BMsUtt48ed2cgpjar%2FyBP8SmYGERJZffMzIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66e6a57d8acb2fa5-FRA

GET
H3-29 200 dot-tag.gif
www.folkd.com/images/ 989 B
2 KB 22ms
18ms Image
image/gif 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/dot-tag.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7

Request headers

:path: /images/dot-tag.gif
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5458
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 989
last-modified: Tue, 16 May 2017 07:09:27 GMT
server: cloudflare
etag: "3dd-54f9eda35fcc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SGEh7m2Jh9yCKooKeelN0Q8tWKwI9bwBzf5MUnAyzErctwjcGYV6gMEl86upvfyhKH54o2dCjHYe1Ud%2Bpi5hA%2FF8%2FM04XP2LA4RQaxUgE%2FgehxyhCcnLbk1kKZ7igK704N1p81Te7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66e6a57d8acc2fa5-FRA

GET
H2 200 getads.js Show response
js.adscale.de/ 25 KB
9 KB 55ms
13ms Script
application/javascript 2600:9000:2190:d600:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nZHm.GJLea7cNWHrCAVuESrCWzjAbIPS
content-encoding: gzip
last-modified: Sat, 10 Jul 2021 00:26:53 GMT
server: AmazonS3
age: 252
etag: W/"50bb3a4af6413e0bf7a261465cbb90af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Wed, 14 Jul 2021 00:27:07 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: gX2xR80kHxALy-YOlLpKyxnq00yQQLfAdMDapXFv0VoCUbB8Sp1IgA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
71 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 22:11:57 GMT
x-content-type-options: nosniff
age: 8351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 22:11:57 GMT

GET
H3-29 200 jquery.cookie.js Show response
www.folkd.com/js/ 4 KB
2 KB 21ms
17ms Script
text/html 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/jquery.cookie.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

:path: /js/jquery.cookie.js
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BYY1e9B%2FLxHU8uVhxtNzJk6JR7GqBnTT77V0o431%2Fs%2FUpMqartOuxWVANuPNfBzfio4sK8dQ9xbi0LNGkUAi9qqMIvGQ5yCR06F%2BhAqOUqomhK6Ifvn5Y0zm3WAuKoSjKaMy4h5y7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 66e6a57d8abf2fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 common.js Show response
www.folkd.com/js/ 12 KB
4 KB 39ms
35ms Script
text/javascript 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/common.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c

Request headers

:path: /js/common.js
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LLzKICp7Nwr9AneT%2BCJGoJh359%2FaDFoBlcZ8TPc%2BW1QCxMrwhV7%2F64RHQsY4DP0loUt6RTNtkzh%2FbQZHJIu5UTnmWW2F%2FvKQFixGNR4VHcLWMnETiplmNFi97vJdu%2B4c75E6Ep1W2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 66e6a57d8ac12fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 page_userdetails.js Show response
www.folkd.com/js/ 483 B
752 B 23ms
19ms Script
text/html 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/page_userdetails.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8

Request headers

:path: /js/page_userdetails.js
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2410
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Mk7JJxqFLX8hKmgrcU5zb%2F1uDH2b06cxZh71NGq5M7KKBcmkMgzHA7NfSHamHw%2BkNqfk9ziA2rCsQ8VZ3CwQF1LhVezNAbC%2Fwdu14TMjDZDiMPdpywwyPkyfxRw2kjCXBg%2Bqef2ing%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 66e6a57d8ac32fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4499241-1

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c179a663515a236117ddd13d57d2cd4329486f3e880e7e464bb8d54f6e23146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37864
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Jul 2021 00:31:08 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.folkd.com
Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 15:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 15:13:01 GMT

GET
H3-29 200 folkd-sprite.png
www.folkd.com/images/ 121 KB
122 KB 18ms
17ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/folkd-sprite.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/styles/folkd.css?v=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738

Request headers

:path: /images/folkd-sprite.png
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/styles/folkd.css?v=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/styles/folkd.css?v=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4729
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 123879
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "1e3e7-54f9eda3e49bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jVLY5IU6wjIWUtsbYZOrgjYd7X058MeksJfV5KOxbW3tNVDDHzzOwbfGNSBbNAasvZv%2B9jktx07FNbJKu3QD2Ha3olMzZwNMHHI4Msb8jnXHeBp3Kj8aLVADfPXjcxchh4Q2LtxJwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66e6a57d9ad02fa5-FRA

GET
H3-29 200 new_updates_bnr.png
www.folkd.com/images/ 11 KB
12 KB 17ms
16ms Image
image/png 2606:4700:3035::ac43:caae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/new_updates_bnr.png?v=3
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5

Request headers

:path: /images/new_updates_bnr.png?v=3
pragma: no-cache
cookie: PHPSESSID=1r6q76iq129cbl02l9p6dd5r46
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/hoatuoi9xcom1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/hoatuoi9xcom1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4729
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11344
last-modified: Mon, 22 Feb 2021 14:37:04 GMT
server: cloudflare
etag: "2c50-5bbedbc478400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UOR9ltzc6%2BrcaV8SPGU4GZlAyz9lIQa6%2BGPkuq64DkwIN4C%2FSgipReZAAr2il4x6aXudQfZeT1pFi9J4YinHBB4nE13G1Sh39wIYgrWc0DcVMzMbyNQl6Ms82JNx%2FdWa41mvC3rSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66e6a57d9ad22fa5-FRA

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 53ms
53ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 10:34:08 GMT
etag: "60ec4755-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Wed, 14 Jul 2021 01:31:08 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/ 243 KB
90 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92103
x-xss-protection: 0
server: cafe
etag: 18322328620552464558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Jul 2021 00:31:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/ Frame C76A 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210708/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Jul 2021 00:54:05 GMT
expires: Tue, 27 Jul 2021 00:54:05 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 85023
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impr Show response
gaa.adscale.de/ 3 KB
4 KB 170ms
137ms Script
text/javascript 75.2.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=YjY2ODA=&nu=0&t=1626222668560&ssl=1&pos=below&ws=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&uuid=44136b04-fc2f-49b9-92be-fb702ded4ef8
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: 876364c49180df3314f4c0a1a5b82fa4397bbb154662b505fc36be4624c3ff68

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 3498
content-type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4499241-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2422
date: Tue, 13 Jul 2021 23:50:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 14 Jul 2021 01:50:46 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1044991804&t=pageview&_s=1&dl=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&ul=en-us&de=UTF-8&dt=hoatuoi9xcom1%20%7C%20user%20details%20%7C%20folkd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=116359024&gjid=93026170&cid=779628854.1626222669&tid=UA-4499241-1&_gid=238370689.1626222669&_r=1&gtm=2ou7c0&z=1414423512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
258 B 22ms
18ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.folkd.com&callback=_gfp_s_&client=ca-pub-3319618738478027

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

8643e7b5a846d3b50f7b1a07d407db4eaef397604446eb61a765916f42f7c466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.folkd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.folkd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D63 0
16 B 24ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1626222668&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626222668541&bpp=3&bdt=196&idt=84&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1897807005777&frm=20&pv=2&ga_vid=779628854.1626222669&ga_sid=1626222669&ga_hid=1044991804&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2059903315110358&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1626222668&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626222668541&bpp=3&bdt=196&idt=84&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1897807005777&frm=20&pv=2&ga_vid=779628854.1626222669&ga_sid=1626222669&ga_hid=1044991804&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2059903315110358&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 14 Jul 2021 00:31:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e605d633428c71e4f9bf101f068d079e1e8d34362d2e8b765a5e9da64342d219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626118492032678"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Wed, 14 Jul 2021 00:31:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 20ms
18ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-4499241-1&cid=779628854.1626222669&jid=116359024&gjid=93026170&_gid=238370689.1626222669&_u=YEBAAUAAAAAAAC~&z=2067534064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Jul 2021 00:31:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9333.aQ86TmRv9xyMef462ZEg4jScv9gogGcL-ABX2A0PhEwid5nhgdEI13EqIlQPXfJm.5ZmSaB0pBuA9J7pwOn7c3Y-xV20%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9333.tc_mtz8EWH9gjkWWwLGhXs9OdP8klyYzAFtRlKYq2F_udyi-iEvj-R31JUIuRk0WaOzPus8qrFwZ_F1Y-4Fa1Q%2C%2C.GNXxINPgY5-xMW8XDUq0R_FeDK8%2C

75 B
75 B

53ms
52ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9333.tc_mtz8EWH9gjkWWwLGhXs9OdP8klyYzAFtRlKYq2F_udyi-iEvj-R31JUIuRk0WaOzPus8qrFwZ_F1Y-4Fa1Q%2C%2C.GNXxINPgY5-xMW8XDUq0R_FeDK8%2C

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:09 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9333.tc_mtz8EWH9gjkWWwLGhXs9OdP8klyYzAFtRlKYq2F_udyi-iEvj-R31JUIuRk0WaOzPus8qrFwZ_F1Y-4Fa1Q%2C%2C.GNXxINPgY5-xMW8XDUq0R_FeDK8%2C
date: Wed, 14 Jul 2021 00:31:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
88 B 54ms
54ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:08 GMT
last-modified: Mon, 12 Jul 2021 13:56:48 GMT
etag: "60ec4755-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 14 Jul 2021 01:31:08 GMT

GET
H2 403 userconnect.js
js.adscale.de// 0
0 46ms
45ms Script
application/xml 2600:9000:2190:d600:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de//userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame B5A6 1 KB
1 KB 44ms
13ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: beab7471bbf5f2226bd31a9b5f7a4764acda3e3fa3d116057eca0f9ad60491e0

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.folkd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

Server: nginx/1.13.4
Date: Wed, 14 Jul 2021 00:31:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=4d37faf3-34c8-447e-b01f-8d7f3954b3ce; path=/; SameSite=None; secure; Expires=Thu, 14 Jul 2022 02:31:09 CEST RTBUserId-Old=4d37faf3-34c8-447e-b01f-8d7f3954b3ce; path=/; secure; Expires=Thu, 14 Jul 2022 02:31:09 CEST RTBUserId-Plain=4d37faf3-34c8-447e-b01f-8d7f3954b3ce; path=/; Expires=Thu, 14 Jul 2022 02:31:09 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H/1.1 204
No Content imp Show response
trx.adscale.de/ Frame 9B0C 0
149 B 795ms
14ms Script
application/javascript 18.158.66.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trx.adscale.de/imp?ej=Yjk0YmY5YjQxNzA5NGNiZGZoY5thhZ1VKFp_N9IWMDNKSgzpCOL0O2E-XQ3wclgeKHM10TzVw1lZEy46xhQqPARRXL9Voao4NUFLS5J9R1l3JT3SJYOQCQNzfXmgT3FvTxAE6gmh43BtECkKgnVAWX0mNtg7l9VIWiIfJqAHJSgpT1u9Ga33emoQLguQMAgZHRtrjSOexkBaKAA-qQhSOzE5Hv5G7I8keBIiXJs7MVhUAHjLJ9u2EExwEmX4CFRvMjZI_xO-hCF5EyNH1Co1GlFCIZB96v1RHDEZd_gIRnY-Nmj0X9DMYCoGLVvaezUGblcagDG1vilOJBdq6E0ZJAokatBQx8pHK1ZeDsp3KxcmBgO5NOXwZRlvbGj4Tx92RDUxgQDUxgMgWV8LwS0tRCUBBrJh5PRiAnV9YqhJVWYfIzaDQ8jWEXEFLwfZADFEJQECt3L74HNBMQJhujJXaRE4YI5fwtIRJBxkA40CZQ10XFTrOfrwPQZrDWf5akc3RWpkxxuSlVRhA3lFw1x3B2lIFrN50fQ5EWIQIq0VEyVTei-BSObFCz1AZEfeYTEfNRtD8i3K52pZIRQzuxN4exchYZVMq8pSb0cjCoxxGkJzDAunKNuocENlSmf8A38xAGVkyXyi2BVhX3hL3mAQRG4RFrA_zbxwQ2VaD5tCPGYKdGDZXKjoCTMAeDW5Bnk1QSAviX6Eym1WdhFW3EkKF3sCeMAwwIU6BVQ9dKw7ZXMOYR2yeaSnACcwVVnOAlxLOlYq0EGJ1DcRVid74iA5M0o5WbUl3KdSYx9DWdgCWAR-ADiCEeifagd8d229Y2k0TGYM5CLdqwtmHkZeilEKAnQDPNYVuZ44Xnt2aLtlMmZAM1-yId39CT0ZRgrYUxBKYkAwx1O-mEBNO3wo4Go-eFZ5HvFnkKhiYRkaRI8FTCgkEH2URaqYTFE1OCXrdi9JSHUw9TfN8SIBUEpGjhhba3JFHsAC4dNBczUrMuduPiIWZyTiM9XlcUUFCR7FAl9Mcg5KhWO0ghRnPyt9qmwtLRYgLuBBmKByDk1YCegFSQ8sEADQdbSCFGc_K326ZCdkDiow_kWArjYBVlkOziZOBX0ICs9rsIIUcSQwYbxPOnxfMjrjScPxeFMeRBPJKhZeO1tXhiewmBc9PH4xnmNSG2QIHN9088pWbXksE7JBMXQKe3mxALqkMAJbFjH8Dm43RTUq9E7u-2NWCV9_uyxCFSZaRIcrgI81M3ssFtRCYC8EDwrMZc_YexFXDmSxJhVMYWtItSiuqhx4OSxexVRgKU1JO8Zp2ogmShUOO703CEgjLl6UCK7tBHAkIAuRFWsnUFoX-mvCmGAVV3Rk5XQHZiU-fp8Fof1CLzEVCJYRK0RDVwzscfGPK0xUV2HyMxEwMSJpwFOI5k4gMDsOhFZCVVJNB6QA7ZI7UBIBaOU6MTB-b2jWaYr7VQZ3cxuMVV8SRE06kyWnyWQ2QF0qvntqMGhvVeFMwKAKdzAtCIRZDlhKQ3eOPqnHYxl0THzlOms2PjESrASLohY0FykSkUgKWhMAMIAm5NB_U35HUf09eS52chK6BIC1EzoIIiOEEBxbFUM_2SmxhCsYJABM9nl7MnsRWr5A3uoJIgZlOdsaHlwPYzvSbe_IJQBpF1C8c3AGYA1e8FfNrVAtCnI-yAERak08PdJ778w0THoGW7pAYRpvBh-1Go7uGG4bYjrKNARoK2dr1HnrgGwcfkAA6FFxRUgCBaALiuxBLVxsIok1EDU8Z3f2bvifKEIyThirZ1V5EVVGxlnWrxBsAWw0iQMmCVAxJ7Yts91GCXMfXeZtBDNyY2L6AIHsdj5dLm_IXCYfUAcRilDonBNSNEAKnjlUbDlof6hqysohfARiJrxaOwNSARr9Ga-4bB1wAU7ZPhk5NGB2jnyDmh54E2Qnr1t9akcQI-cYoaB4GX8XQoN5FAwmQFGCa8TODDtFcSPvCnEgBCUk6w-HvGVPIB5znW8CRWpRBtFp5tAWKgw8FugGZgwOZFajDJW1eF4uBnCJahVpIkYz1mXx5hA_XGMUwA5FG0c1VrgR09x2XjAQcewsIG4uUQbNc5CzGzNffiGeSVMLQCUk9xXx32hWc1xA-jowaixAYZZnn7YGMQB-esgUAi8BdU20FOzGVlByChStZkdOcxsk2nOf5GxhXDJRgFNrbBB0V65RpdBCURkfZKxxDwVjBDvPKPW5OjR1VgCOSy0zWjJerh2RjVgGQG4063hIC2IHOpZ_pO9hMiZeUtxPfTtAehq2X4TPQR220rM=&rns=YTJmNzcwOGFhOGY1NDkwNVxrwwAmfrOtYh041UPTHfllXaU0QxuDlAcrC-IgtnucVD_ADSV4tbYrCWWNVN8d5QNWrmNACpeMX3sQ6Hj9c4p3P8gaDGXk6S1ZKpwKiBamVUvqID1UyMtPME71bqoshGRpxgJRIbqnbQoggALGUaSY2FIL
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.66.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-66-80.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=3600
Expires: Wed, 14 Jul 2021 01:31:09 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71239210/
Redirect Chain

https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A368%3Afu%3A0%3...
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A368%3Afu%3A0...

316 B
347 B

53ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A368%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1597113744432%3Ahid%3A444515591%3Az%3A120%3Ai%3A20210714023108%3Aet%3A1626222669%3Ac%3A1%3Arn%3A265185367%3Au%3A1626222669391051526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626222668114%3Ads%3A1%2C16%2C102%2C1%2C104%2C0%2C%2C179%2C1%2C%2C%2C%2C411%3Adsn%3A1%2C16%2C102%2C1%2C105%2C0%2C%2C186%2C1%2C%2C%2C%2C412%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626222669%3At%3Ahoatuoi9xcom1%20%7C%20user%20details%20%7C%20folkd.com

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/hoatuoi9xcom1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2eb787a9fc4a5e1fb9c87cf3d6cb8324e3c0af023838be47bf6210b1388789fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 14-Jul-2021 00:31:09 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Wed, 14-Jul-2021 00:31:09 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:09 GMT
last-modified: Wed, 14-Jul-2021 00:31:09 GMT
location: /watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A368%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1597113744432%3Ahid%3A444515591%3Az%3A120%3Ai%3A20210714023108%3Aet%3A1626222669%3Ac%3A1%3Arn%3A265185367%3Au%3A1626222669391051526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626222668114%3Ads%3A1%2C16%2C102%2C1%2C104%2C0%2C%2C179%2C1%2C%2C%2C%2C411%3Adsn%3A1%2C16%2C102%2C1%2C105%2C0%2C%2C186%2C1%2C%2C%2C%2C412%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626222669%3At%3Ahoatuoi9xcom1%20%7C%20user%20details%20%7C%20folkd.com
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 14-Jul-2021 00:31:09 GMT

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame B5A6 3 KB
4 KB 37ms
12ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 00:31:09 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H/1.1

200

GoogleMatch
brain.rvty.net/RTB/ Frame B5A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc=
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESENgWxS3LYQ3ofg3uJrm22M8&google_cver=1

43 B
553 B

12ms
11ms

Image
image/gif

89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESENgWxS3LYQ3ofg3uJrm22M8&google_cver=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 00:31:09 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESENgWxS3LYQ3ofg3uJrm22M8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 4sxtd47yng2k Show response
ad.ad-srv.net/zone/ Frame B5A6 10 KB
3 KB 45ms
16ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/4sxtd47yng2k?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 84cd6ba48a377f38642b18adeeda17d3af1d4df8d90b48145e02412ac7c1c99b

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 00:31:09 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2844
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad8.ad-srv.net/ Frame B5A6
Redirect Chain

https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...
https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...

2 KB
1 KB

63ms
39ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7480895406697&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2a15560a18f19ebc8d7a25fdaaa5d3186a3fd2418804f41521857c7506868e10

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 00:31:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 58230800007278001324219011655008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 733
Expires: Wed, 14 Jul 2021 01:31:10 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 14 Jul 2021 00:31:09 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7480895406697&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 14 Jul 2021 01:31:09 +0200

GET
H2

200

ztpv.php Show response
www.conrad.de/ Frame 29E6
Redirect Chain

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=58230800007278001324219011655008&gdpr=&gdpr_consent=
https://www.conrad.de/ztpv.php?awc=11354_278235_1626222670_c94c50b0-e43a-11eb-946d-692d0237e2f2&insert=AW

0
706 B

53ms
33ms

Document
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.de/ztpv.php?awc=11354_278235_1626222670_c94c50b0-e43a-11eb-946d-692d0237e2f2&insert=AW

Requested by

Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7480895406697&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.de
:scheme: https
:path: /ztpv.php?awc=11354_278235_1626222670_c94c50b0-e43a-11eb-946d-692d0237e2f2&insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://brain.rvty.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

date: Wed, 14 Jul 2021 00:31:10 GMT
content-type: text/html; charset=UTF-8
server-timing: intid;desc=52b2ea54f7722c49 intid;desc=1e4cf529cdbaf27e
cache-control: no-cache
expires: -1
set-cookie: HTLP_timestamp=1626222670; expires=Mon, 19-Jul-2021 00:31:10 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Mon, 19-Jul-2021 00:31:10 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=f3b644cc4d0f69a3e2ad698a7006f1328e0aecee-1626222670-1800-AfYewPgQHvBJUx78hLFoEbRjnBStXmc/QeUc4Nr2XB+h5zVlr7rxZcghl7TXVHYFvVKTyzMVMEWugTBfFFEg5D8=; path=/; expires=Wed, 14-Jul-21 01:01:10 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66e6a5889db84e1a-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.de/ztpv.php?awc=11354_278235_1626222670_c94c50b0-e43a-11eb-946d-692d0237e2f2&insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Wed, 14 Jul 2021 00:31:10 GMT
Connection: keep-alive
Set-Cookie: awpv11354=278235|1626222670|c94c50b0-e43a-11eb-946d-692d0237e2f2;domain=.awin1.com;path=/;expires=Saturday, 17-Jul-2021 00:31:10 UTC;Secure;SameSite=None AWSESS=377133:2470169;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
ad8.ad-srv.net/ Frame 604C 6 KB
2 KB 36ms
12ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=8e268cbf6c&subid=&uid=af0a12a61ee03714&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1626222669774%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D80cc1159296f4ee09e637cefe1be9fc6%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7480895406697&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1923aa50fb7ab1ad2945037e48ef72d9120914dfcb41252dfeb0242adc07b808

Request headers

Host: ad8.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://brain.rvty.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=4329d1792fb2a536
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

Date: Wed, 14 Jul 2021 00:31:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 14 Jul 2021 01:31:10 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1956
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame 9BAD 91 KB
91 KB 15ms
14ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 00:31:10 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:10 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 604C 89 KB
32 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 14:37:48 GMT

GET
H2

200

summer_160x600
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame 604C
Redirect Chain

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=58230800007278001324219011655008&gdpr=&gdpr_consent=
https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_160x600?format=gif

28 KB
28 KB

80ms
30ms

Image
image/gif

178.79.227.54
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_160x600?format=gif

Requested by

Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.54 , United States, ASN22822 (LLNW, US),

Reverse DNS

Software

Cliplister GmbH /

Resource Hash

0df5a0e41f03601b73d6e6c7dcb967053ead63decee0cc1572a64a4839fbe7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:10 GMT
last-modified: Tue, 08 Jun 2021 05:50:53 GMT
server: Cliplister GmbH
age: 57016
etag: "60bf053d-6f22"
strict-transport-security: max-age=15768000
reporting: eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjdjNDB4OVdOSXk2cV9yaDBFZVh3djJ0QVQiLCJ1dWlkIjoiYTQ5MjZmNjRlYjQ3YjQ2NTQ4MzcyZGM3YTY3NTIyMmU0IiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=172800
x-server: c07
accept-ranges: bytes
content-length: 28450
x-llid: 74cb2d29fcc88823a626523e19b3fdae
expires: Thu, 15 Jul 2021 08:40:54 GMT

Redirect headers

Date: Wed, 14 Jul 2021 00:31:10 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_160x600?format=gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad8.ad-srv.net/ Frame 604C 0
150 B 39ms
13ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/viewability?s=58230800007278001324219011655008&a=c667f128&vb=m
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 00:31:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210708&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23aeea7504986fd9c95919636fba9beb6461fba6a3cd22e219103c0d418e5db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Jul 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8442
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 00:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 14 Jul 2021 00:31:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7CFE 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 13 Jul 2021 23:20:48 GMT
expires: Wed, 13 Jul 2022 23:20:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3872 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

12ea10d8a5eade943d61879d0337764f3892c96205848f90ab2805e2939da9a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gmeXZB+ZOexwUoxXQcALUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.folkd.com/

Response headers

expires: Wed, 14 Jul 2021 00:31:10 GMT
date: Wed, 14 Jul 2021 00:31:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-gmeXZB+ZOexwUoxXQcALUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CFE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 10:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 10:57:13 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210708&jk=2059903315110358&bg=!VFelVxPNAAZjFomlYxY7ACkAdvg8Wo5QPv5bASs9WJaEqoriSIdA_WpGKb1Ru-95VF72pDhmFeo2oAIAAAClUgAAAA1oAQcKASnvrH1eMMY-ouFToalLOtrOngCSPtk5tAx7PfBhj1-uao1W_ThKwktgzy6X-eJDeNa_R7Ah2-oErdIa1GW8oMM29J4vtXkiVIN0wLd9w13B0o8bONHeFAitmiruc7awonosi-BNrQ7tovHvCJQfNLcSUF1Xa4bHKPcIcZSomnCZb6cWJVPOowxeFLWHj6-heuo98wFtMnIrXniYphQ03PLiHQt1K4x2UNzmh4g0vn19a-6mZhvxG2Svyr_KanrfufBs0Of4BdT0SY10C4rnOxIpIY9gAmErZBLFZUOldN05Wyh7krf04EasP-FaoEZsJDZEyMXtGDcWiXsYag0OEyySFhYILUdyUYbcmh9K1u7QYoH5rSRNz-0_8FEY6-QmLcei_PQLvUGzohWZAmge7Ii-gZlcRWkirid4Kc53Gst9MpjJGRbHAkaBJ0wl3CC0bDyZcJ1ngNVNtJspM--Uew-Ada2WPJbuKTfT9EktTugNVUvvpNiLy_FFqOtMc0w4rjujRjsDxbQPHkeB8VT3WDY_fg3kxl2Fv7bXhS6NRkr0I-qq1Mg-WjtNNvFEQgpQcsMaQl_AIs0ZQqQBzZ7QzoCPEi3zoRaR180UFqGDZHSikJffWlwSj5Q0l8kpRgkrDDkzaNLQ_GEVSiCIijnUB8PSaustxQrIRJAJCdb0dqFswQ3cIR-4Za_dieh79qV4BXcyjMqJdztudzBTp0mI2QrIysItSSs863uvWRxdFwlBGmHYj8UB4yldZwsrO_j9HhjIbJ9eedudXlvGxR2Xomve0hngB8ugkteNTwjAiag8irizoh_UweXO0azpNjom-IYVjYKaWPfiCGAqpGapo6VmljZzmbuBZD2EAR0z1Fz9SUV3JgrMEsWFq--I2M0gzjj2mEvDKS9FPjAmJ1RY5RGsRBHitcLgzudqBsH-lkY0HNtwc-ddbuIWRbaykrXcY0r0iD1_Fd40gHuJQGBmOt4Ut56mk1m5sZ92LYNNtvgIYWJ5WvYQaWZeI2ajWjnKyqcEmToQ1VR06RVVMb88VBTT1K93LG0jyiRJ6A2BQoqbYDJI0B7S28OPd2vdOl2pKX6SVwocfIaRVQt-7COdB6_BRyudnZxYpfFGU7owtx3bDZsGTcr6wiIhgaemfaRYUUV85GzxhofatAn42DRF0SWMuMVicxyZmMSkNdr5XBEpiiQGFk2fI3y9BDoVuEmwE9ebk5S1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:10 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:11 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad8.ad-srv.net/ Frame 604C 0
150 B 50ms
12ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/viewability?s=58230800007278001324219011655008&a=c667f128&vb=v
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad8.ad-srv.net/request_content.php?s=58230800007278001324219011655008&a=e02445b3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 00:31:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:11 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H2 200 71239210 Show response
mc.yandex.com/webvisor/ 43 B
154 B 106ms
105ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=444515591&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rn=98925031&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626222672%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210714023112%3Au%3A1626222669391051526%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626222672

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:12 GMT
last-modified: Wed, 14-Jul-2021 00:31:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 14-Jul-2021 00:31:12 GMT

POST
H2 200 71239210 Show response
mc.yandex.com/webvisor/ 43 B
155 B 134ms
132ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=444515591&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rn=78643909&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1626222672%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210714023112%3Au%3A1626222669391051526%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626222672

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Jul 2021 00:31:12 GMT
last-modified: Wed, 14-Jul-2021 00:31:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 14-Jul-2021 00:31:12 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:12 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:12 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:13 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:13 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 14ms
14ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:14 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:14 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
10ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:17 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:20 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 9BAD 0
119 B 11ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=80cc1159296f4ee09e637cefe1be9fc6&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fhoatuoi9xcom1&rawReferrerURL=&uid=4d37faf3-34c8-447e-b01f-8d7f3954b3ce&euid=a749a74488dc44ea102f4f354aab1372c68e027d538e06148d40cd4dc1cb0bc6&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 14 Jul 2021 00:31:23 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.conrad.de/	1970-01-19 19:43:44	Name: __cf_bm Value: f3b644cc4d0f69a3e2ad698a7006f1328e0aecee-1626222670-1800-AfYewPgQHvBJUx78hLFoEbRjnBStXmc/QeUc4Nr2XB+h5zVlr7rxZcghl7TXVHYFvVKTyzMVMEWugTBfFFEg5D8=
www.conrad.de/	1970-01-19 19:50:54	Name: HTLP_timestamp Value: 1626222670
.ad-srv.net/	1970-01-19 21:53:18	Name: kdb0xdq3ls8m_uid Value: 4329d1792fb2a536
brain.rvty.net/	1970-01-20 04:29:25	Name: RTBUserId Value: 4d37faf3-34c8-447e-b01f-8d7f3954b3ce
.doubleclick.net/	1970-01-20 05:05:18	Name: IDE Value: AHWqTUnfV0uU3pxERVF41xJ_wmvUD0L6rNSos7ti_bHHQD_ENfnKe1h7GYLuL4Kwjp8
www.conrad.de/	1970-01-19 19:50:54	Name: CEAffHA Value: YD
.folkd.com/	1970-01-19 19:43:44	Name: _ym_visorc Value: w
.folkd.com/	1970-01-20 13:14:54	Name: _ga Value: GA1.2.779628854.1626222669
.folkd.com/	1970-01-19 19:44:54	Name: _ym_isad Value: 2
.folkd.com/	1970-01-19 19:45:09	Name: _gid Value: GA1.2.238370689.1626222669
.folkd.com/	1970-01-20 04:29:18	Name: _ym_uid Value: 1626222669391051526
.folkd.com/	1970-01-19 19:43:42	Name: _gat_gtag_UA_4499241_1 Value: 1
.folkd.com/	1970-01-20 05:05:18	Name: __gads Value: ID=ea95513f883d396b-227cc6c86bc900a1:T=1626222668:RT=1626222668:S=ALNI_MYm0mPhGsasa1Thd5a3vdSWZlAZNg
.folkd.com/	1970-01-20 04:29:18	Name: _ym_d Value: 1626222669
www.folkd.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1r6q76iq129cbl02l9p6dd5r46

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad8.ad-srv.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
asset.conrad.com
bit.ly
brain.rvty.net
cdn.rvty.net
cm.g.doubleclick.net
gaa.adscale.de
googleads.g.doubleclick.net
js.adscale.de
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trx.adscale.de
www.awin1.com
www.conrad.de
www.folkd.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.111.239.217
138.201.63.150
138.201.84.245
142.250.74.194
178.79.227.54
18.158.66.80
216.58.212.130
2600:9000:2190:d600:f:4f64:8940:93a1
2606:4700:3035::ac43:caae
2606:4700::6812:7f05
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c04::9a
2a02:6b8::1:119
67.199.248.10
75.2.86.129
89.163.211.233
89.163.211.242
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5
0539c693b26ace134ac758344d99adf4689a95682797741e6913a7d2e97ec8f6
09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0df5a0e41f03601b73d6e6c7dcb967053ead63decee0cc1572a64a4839fbe7fd
12ea10d8a5eade943d61879d0337764f3892c96205848f90ab2805e2939da9a6
1923aa50fb7ab1ad2945037e48ef72d9120914dfcb41252dfeb0242adc07b808
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
23aeea7504986fd9c95919636fba9beb6461fba6a3cd22e219103c0d418e5db3
2a15560a18f19ebc8d7a25fdaaa5d3186a3fd2418804f41521857c7506868e10
2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8
2eb787a9fc4a5e1fb9c87cf3d6cb8324e3c0af023838be47bf6210b1388789fb
3257767220339f2d90be109c653f320eaa20fef3821ec0f0ed04033a0cb7b6aa
3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425
5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12
688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52
8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84cd6ba48a377f38642b18adeeda17d3af1d4df8d90b48145e02412ac7c1c99b
8643e7b5a846d3b50f7b1a07d407db4eaef397604446eb61a765916f42f7c466
876364c49180df3314f4c0a1a5b82fa4397bbb154662b505fc36be4624c3ff68
8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5
8df95039d01dffc9f8bed21058436e12f52a0866d107a800cfb141fa5134977e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a35dbc7791c1c16b1be0f35ff6db81338c24f4f028d0f6909dea350e9f19accc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3
b70e27767d2874998f4da584d0dcee85689d1dfcea8af7f148e7a71099c8ac1a
beab7471bbf5f2226bd31a9b5f7a4764acda3e3fa3d116057eca0f9ad60491e0
c179a663515a236117ddd13d57d2cd4329486f3e880e7e464bb8d54f6e23146a
c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d557ac01f6bfe50ee326ee5f2d49f424ec776af5da5abb4231083ab4a772feb9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e605d633428c71e4f9bf101f068d079e1e8d34362d2e8b765a5e9da64342d219
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

www.folkd.com Open in urlscan Pro 2606:4700:3035::ac43:caae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

63 %IPv6

20 Domains

28 Subdomains

27 IPs

4 Countries

881 kBTransfer

1791 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.folkd.com Open in urlscan Pro
2606:4700:3035::ac43:caae Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

27
IPs

4
Countries

881 kB
Transfer

1791 kB
Size

15
Cookies

71 HTTP transactions
0 data transactions