folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/
Effective URL:
https://folkd.com/
Submission: On November 22 via manual (November 22nd 2023, 7:32:57 am UTC) from PL — Scanned from CH

Summary HTTP 751 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 64 IPs in 12 countries across 86 domains to perform 751 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.

This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6810:cc42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
110	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a01:7e00:1::... 2a01:7e00:1::b903:5c4c	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	104.16.137.79 104.16.137.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	35.193.186.65 35.193.186.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:2000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:90a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
1	34.213.255.230 34.213.255.230	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:e800:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::201b	15169 (GOOGLE) (GOOGLE)
2	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2606:4700:20:... 2606:4700:20::ac43:47fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.241.169.31 162.241.169.31	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:26e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:4780:11:... 2a02:4780:11:1189:0:2e75:d040:3	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY)
2	149.28.187.227 149.28.187.227	20473 (AS-CHOOPA) (AS-CHOOPA)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	18.202.86.19 18.202.86.19	16509 (AMAZON-02) (AMAZON-02)
1 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
59	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
33	2600:9000:264... 2600:9000:2646:da00:1b:83f3:bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
52	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 52	34.251.207.202 34.251.207.202	16509 (AMAZON-02) (AMAZON-02)
11	51.20.166.45 51.20.166.45	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
6 75	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	172.105.199.172 172.105.199.172	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
6	52.59.133.66 52.59.133.66	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2600:9000:225... 2600:9000:2250:f600:1e:fdf8:aac0:93a1	16509 (AMAZON-02) (AMAZON-02)
94	3.91.171.232 3.91.171.232	14618 (AMAZON-AES) (AMAZON-AES)
4 8	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 10	18.196.230.223 18.196.230.223	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
7 7	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 5	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5 5	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
7 7	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
8 8	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	50.31.142.31 50.31.142.31	23352 (SERVERCEN...) (SERVERCENTRAL)
5 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
4 8	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
3 3	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.121.33.140 3.121.33.140	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 10	108.138.7.10 108.138.7.10	16509 (AMAZON-02) (AMAZON-02)
7	34.249.193.45 34.249.193.45	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
751	64

12 76.76.21.21 (Walnut, United States) 2 redirects

ASN16509 (AMAZON-02, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:cc42 (United States)

ASN13335 (CLOUDFLARENET, US)

folkd0612.bubbleapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

110 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.137.79 (None, )

ASN13335 (CLOUDFLARENET, US)

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.193.186.65 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.186.193.35.bc.googleusercontent.com

xeqe-t3lw-i7hv.n7.xano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.255.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-255-230.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e800:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.kryderlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:47fc (United States)

ASN13335 (CLOUDFLARENET, US)

shamlatech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.169.31 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: p4strategies.com

risalafurniture.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:26e3 (United States)

ASN13335 (CLOUDFLARENET, US)

myfirsthomeincalgary.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:4780:11:1189:0:2e75:d040:3 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)

astrologyexperts.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.3.52 (United States)

ASN54113 (FASTLY, US)

www.comfortkeepers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.28.187.227 (Sydney, Australia)

ASN20473 (AS-CHOOPA, US)
PTR: s6-syd.intesols.com.au

orchidhousepainters.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.86.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-19.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:2646:da00:1b:83f3:bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 34.251.207.202 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.20.166.45 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.233 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 142.250.185.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.199.172 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.59.133.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2250:f600:1e:fdf8:aac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

matchadsrvr.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 3.91.171.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-232.compute-1.amazonaws.com

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:18ad (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.196.230.223 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.1.9 (France) 7 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.19 (United States) 5 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.166.1.35 (United States) 5 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.52.2.91 (United States) 7 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.248.245.213 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.31.142.31 (Hickory Hills, United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.38.120.206 (Hessen, Germany) 4 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.160.23 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.33.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-33-140.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.138.7.10 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-10.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.249.193.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-193-45.eu-west-1.compute.amazonaws.com

s.update.tas.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
124	googlesyndication.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	695 KB
110	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	123 KB
103	yieldmo.com 4 redirects static.yieldmo.com — Cisco Umbrella Rank: 2504 ads.yieldmo.com — Cisco Umbrella Rank: 657 matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 2834 sync-openx.ads.yieldmo.com Failed sync-adform.ads.yieldmo.com Failed s.update.tas.yieldmo.com — Cisco Umbrella Rank: 10171	2 MB
101	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	492 KB
94	amazonaws.com kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1266	26 KB
22	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	2 MB
13	gstatic.com fonts.gstatic.com www.gstatic.com	469 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	700 KB
12	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
12	folkd.com 2 redirects www.folkd.com folkd.com	17 KB
11	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1459	3 KB
11	monu.delivery monu.delivery — Cisco Umbrella Rank: 26382 imps.monu.delivery — Cisco Umbrella Rank: 31634	182 KB
10	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	4 KB
10	bidswitch.net 10 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	5 KB
10	criteo.com 8 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 dis.criteo.com — Cisco Umbrella Rank: 597	11 KB
10	xano.io 2 redirects xeqe-t3lw-i7hv.n7.xano.io	21 KB
8	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 746	2 KB
8	3lift.com 8 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	4 KB
8	tribalfusion.com 4 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	4 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 o.clarity.ms — Cisco Umbrella Rank: 7480 c.clarity.ms — Cisco Umbrella Rank: 1405	23 KB
7	lijit.com 7 redirects ap.lijit.com — Cisco Umbrella Rank: 683	4 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	158 KB
7	bubbleapps.io folkd0612.bubbleapps.io	1 MB
6	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	205 B
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 599	4 KB
5	sonobi.com 5 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 931	4 KB
5	pubmatic.com 5 redirects image6.pubmatic.com — Cisco Umbrella Rank: 823	2 KB
5	openx.net oajs.openx.net — Cisco Umbrella Rank: 1656 Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 eu-u.openx.net — Cisco Umbrella Rank: 2753 us-u.openx.net — Cisco Umbrella Rank: 522	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 409	42 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	2 KB
3	media.net 3 redirects cs.media.net — Cisco Umbrella Rank: 1513 contextual.media.net Failed	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	2 KB
3	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	2 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	36 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4780	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	orchidhousepainters.com.au orchidhousepainters.com.au
2	astrologyexperts.in astrologyexperts.in	37 KB
2	myfirsthomeincalgary.ca myfirsthomeincalgary.ca	360 KB
2	risalafurniture.ae risalafurniture.ae	100 KB
2	shamlatech.com shamlatech.com
2	kryderlaw.com www.kryderlaw.com	689 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	13 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481	178 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	bubble.io 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	2 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	304 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	82 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	763 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 868	761 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1562	709 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1309	684 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 15453	597 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	549 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	778 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	538 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4524	474 B
1	comfortkeepers.com www.comfortkeepers.com	33 KB
1	medium.com miro.medium.com — Cisco Umbrella Rank: 14368	131 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	16 KB
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	loopme.me Failed csync.loopme.me Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	agkn.com Failed aa.agkn.com Failed
0	bluekai.com Failed stags.bluekai.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	iqzone.com Failed xsync.iqzone.com Failed
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	adentifi.com Failed rtb.adentifi.com Failed
0	metadsp.co.uk Failed u.ipw.metadsp.co.uk Failed
0	bttrack.com Failed bttrack.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	dotomi.com Failed yieldmo-match.dotomi.com Failed
0	tapad.com Failed pixel.tapad.com — Cisco Umbrella Rank: 487 Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	rubiconproject.com Failed pixel-eu.rubiconproject.com Failed
0	yahoo.com Failed ups.analytics.yahoo.com Failed
0	sportsbookreview.com Failed wpi.sportsbookreview.com Failed
751	86

	Domain	Requested by
110	cdn.jsdelivr.net	folkd.com folkd0612.bubbleapps.io securepubads.g.doubleclick.net
94	kinesis.us-east-1.amazonaws.com	static.yieldmo.com
75	cm.g.doubleclick.net	6 redirects google-bidout-d.openx.net 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com ads.yieldmo.com
59	tpc.googlesyndication.com	folkd.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
52	ads.yieldmo.com	4 redirects 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com folkd.com ads.yieldmo.com static.yieldmo.com
52	pagead2.googlesyndication.com	72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com folkd.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
33	static.yieldmo.com	folkd.com static.yieldmo.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
22	s0.2mdn.net	72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com folkd.com
17	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
13	72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
12	www.googletagservices.com	folkd.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
12	www.google.com	folkd0612.bubbleapps.io 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com tpc.googlesyndication.com
11	matchadsrvr.yieldmo.com	static.yieldmo.com
11	protected-by.clarium.io	72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
11	folkd.com	1 redirects folkd.com folkd0612.bubbleapps.io
10	sb.scorecardresearch.com	1 redirects 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
10	x.bidswitch.net	10 redirects
10	xeqe-t3lw-i7hv.n7.xano.io	2 redirects cdn.jsdelivr.net
9	googleads.g.doubleclick.net	folkd.com
9	fonts.gstatic.com	fonts.googleapis.com
8	onetag-sys.com	4 redirects 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
8	eb2.3lift.com	8 redirects
7	s.update.tas.yieldmo.com	folkd.com s.update.tas.yieldmo.com
7	ap.lijit.com	7 redirects
7	dis.criteo.com	7 redirects
7	imps.monu.delivery	folkd.com
7	folkd0612.bubbleapps.io	folkd.com folkd0612.bubbleapps.io
6	match.sharethrough.com	72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
6	c1.adform.net	6 redirects
5	sync.go.sonobi.com	5 redirects 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
5	image6.pubmatic.com	5 redirects
4	b1sync.zemanta.com	4 redirects ads.yieldmo.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
4	s.tribalfusion.com	72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
4	a.tribalfusion.com	4 redirects 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
4	o.clarity.ms	www.clarity.ms
4	www.gstatic.com	www.google.com folkd.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
4	monu.delivery	folkd.com monu.delivery
3	cs.media.net	3 redirects 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
3	sync.1rx.io	3 redirects
3	ssum-sec.casalemedia.com	3 redirects
3	aax-eu.amazon-adsystem.com	1 redirects google-bidout-d.openx.net ads.yieldmo.com
3	q.stripe.com	folkd.com
3	fonts.googleapis.com	folkd0612.bubbleapps.io 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com folkd.com
3	js.stripe.com	folkd.com js.stripe.com
2	c.clarity.ms	1 redirects
2	ib.adnxs.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	match.adsrvr.org	google-bidout-d.openx.net ads.yieldmo.com
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	gum.criteo.com	1 redirects static.criteo.net
2	id5-sync.com	cdn.id5-sync.com 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
2	orchidhousepainters.com.au	folkd.com
2	astrologyexperts.in	folkd.com
2	myfirsthomeincalgary.ca	folkd.com
2	risalafurniture.ae	folkd.com
2	shamlatech.com	folkd.com
2	www.kryderlaw.com	folkd.com
2	storage.googleapis.com	folkd.com
2	cdn.confiant-integrations.net	monu.delivery cdn.confiant-integrations.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	folkd.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	folkd.com www.clarity.ms
2	www.googletagmanager.com	folkd.com
1	c.bing.com	1 redirects
1	p.rfihub.com	1 redirects
1	sync.inmobi.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	a.c.appier.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	us-u.openx.net	google-bidout-d.openx.net
1	eu-u.openx.net	google-bidout-d.openx.net
1	mug.criteo.com	folkd.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	esp.rtbhouse.com	folkd.com
1	oajs.openx.net	folkd.com
1	www.comfortkeepers.com	folkd.com
1	miro.medium.com	folkd.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	cdnjs.cloudflare.com	folkd.com
1	www.folkd.com	1 redirects
0	rtb.mfadsrvr.com Failed	ads.yieldmo.com
0	csync.loopme.me Failed	ads.yieldmo.com
0	ssbsync.smartadserver.com Failed	ads.yieldmo.com
0	sync-adform.ads.yieldmo.com Failed	ads.yieldmo.com
0	contextual.media.net Failed	ads.yieldmo.com
0	aa.agkn.com Failed	ads.yieldmo.com
0	stags.bluekai.com Failed	ads.yieldmo.com
0	cs.admanmedia.com Failed	ads.yieldmo.com
0	xsync.iqzone.com Failed	ads.yieldmo.com
0	idsync.rlcdn.com Failed	ads.yieldmo.com
0	match.prod.bidr.io Failed	ads.yieldmo.com
0	rtb.adentifi.com Failed	ads.yieldmo.com
0	u.ipw.metadsp.co.uk Failed	ads.yieldmo.com
0	bttrack.com Failed	ads.yieldmo.com
0	sync-openx.ads.yieldmo.com Failed	ads.yieldmo.com
0	sync.srv.stackadapt.com Failed	ads.yieldmo.com
0	yieldmo-match.dotomi.com Failed	ads.yieldmo.com
0	pixel.tapad.com Failed	ads.yieldmo.com
0	bh.contextweb.com Failed	ads.yieldmo.com
0	pixel-eu.rubiconproject.com Failed	ads.yieldmo.com
0	ups.analytics.yahoo.com Failed	ads.yieldmo.com
0	wpi.sportsbookreview.com Failed	folkd.com
751	112

This site contains links to these domains. Also see Links.

Domain
thaihungphat.vn
www.kryderlaw.com
shamlatech.com
risalafurniture.ae
medium.com
forums.prosportsdaily.com
myfirsthomeincalgary.ca
astrologyexperts.in
www.comfortkeepers.com
orchidhousepainters.com.au

Subject Issuer	Validity	Valid
folkd.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2023-02-23` - `2024-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
bubble.io Cloudflare Inc ECC CA-3	`2023-11-16` - `2024-11-15`	a year	crt.sh
*.n7.xano.io R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
imps.monu.delivery GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
www.kryderlaw.com Cloudflare Inc ECC CA-3	`2023-11-04` - `2024-11-02`	a year	crt.sh
www.risalafurniture.ae.spcflooringdubai.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
myfirsthomeincalgary.ca GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
astrologyexperts.in R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.comfortkeepers.com Certainly Intermediate R1	`2023-11-13` - `2023-12-13`	a month	crt.sh
*.orchidhousepainters.com.au R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.yieldmo.com Amazon RSA 2048 M02	`2023-05-21` - `2024-06-18`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
protected-by.clarium.io Amazon RSA 2048 M03	`2023-11-16` - `2024-12-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
kinesis.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
post.update.tas.yieldmo.com R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh

This page contains 65 frames:

Primary Page: https://folkd.com/
Frame ID: B844227005499BFA25B05F06ED0ADC1E
Requests: 218 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 33D59A1C5A53969C905D99EAA1441F36
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9E950B4C4E5D1B7B5331021FA7DA3073
Requests: 4 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 054358A2C513D0BB7225B73A3DE6B928
Requests: 1 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC464F51E89706DAC41C16EBE928CFA0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: 5DA0E4430CD3448F7C7928A937906FDC
Requests: 2 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1FAF23F0D9CEDF3ED948AABDC780F188
Requests: 5 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E3AB349AC8E54A4AA1C7FA378CF47EC
Requests: 25 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: 2040E23B3A19D9E31109722134B8F99A
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: E8758AEE1237638456C939C84E481303
Requests: 7 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F97D68DA65EB244B0ED246CDA64350E
Requests: 22 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2533C09148D52F99C4E88C9C0C26DC7C
Requests: 21 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 256DD0977731ED0FB66375FCE9B049A9
Requests: 22 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E4C80E7A3C17FD2FE869AD00B8D8EC16
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C1C61DDB0A09747F6502FF896FAA875
Requests: 9 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5706F3002E75A6EDAA5F9AB80EFAEEFE
Requests: 22 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F6E5053B7CB9115E15B369C1DCFC771E
Requests: 22 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FF7CDA0695B08E91436E0004E7C7929
Requests: 22 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C2B8D936188982EBE8FBF9DFE350B49F
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2978D540C46DA7B8E54252C95B96D2E9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EAA484993E8337DFF1DC937F89B8E37
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8DC6E8E29A82891EA0B18CE5644C2E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C00915FA65C28F0BDFC891AB7A7AEF43
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D9F97EE78519C73B7A1287DE9BBFEA4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 091C2A408C4796EB9C677C0267F71D46
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D43E06BC5589D299291AD05AFD8875E0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F31CB62FDB31CDF581D355837B118746
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: D839B53D97DF0A5E53F8086BF3C7DAF2
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 3059E0251094C210DD3D68816DD723E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: DAB7560D4268BBEAA41C1FC290DD3236
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: B9F819577B53544B35646DBA05224905
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 68E7504E08ADEAEF56CE148222EB7D5A
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 7D5681FDAE655677B295EBB92D932AAF
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 5A642A59F9DC3BB61E280F860E60BFA8
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 27EE7958A3DAE1733C5C0A549CD6111B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 151F6C3B5FA80CAB08380A3D9D97AC80
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: D524D86468E8D23BDA14778B40ABCF76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: C30F86C3C9EA821FF266DF2267A97ED1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 84DFEAE84653B7109402BF0457ACE791
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 2138E6CF0DB104608C3BFA461E16440F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: F5930E6964DA189201BAC88F751C5F97
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 5F8B859E2296BED0F562DB4A8FD795FD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 4C0C51E8BF4C9CFBBCB43FDBE17D4505
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: B9C8285B3CAF367D397E6A3B7EF231C0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 9B816037094CCCCF52AC11A99CACB775
Requests: 5 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CA2C98E04065B131604B4B4BF8F426C
Requests: 23 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3412321029805258910&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3412321029805258910&bt=programmatic&gt=ch
Frame ID: B2257C02F647AA616676A99E7C832070
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 7E99D086AEEEDA86CFE26BAE7EE6679A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 645329D0078794C09EDB636AE5409C49
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 98D846B95E628F44781AAE89AE9811D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 291BB8FC05616EF28C85900E58A29CD9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 885F367A7A31743D81B1B00332815577
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A26C6F98718B496C78C7E9A5BD9C8B2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F38C5EC8AC7602E0200DC4E3577D49CA
Requests: 2 HTTP requests in this frame

Frame: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C1FFFBCA8AB23F77185BF02109577119
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6862860EDFFFADF777DDE2722A3D2DB3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 565DE1BEEE9CC385063420893B29E78E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35BE38C1231FF9D34EDAC1CAB0841977
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BD11BC5CE636670843FF47149E9DEE4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9FE1DCEEA17B739B9ECAE3661A64D6B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B52AD19920FB6892B94ECC95A62B9C99
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 6F38D7B386DBE372D87459F30F933008
Requests: 1 HTTP requests in this frame

Frame: blob://https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/87af54f4-d2b8-4fe5-b707-96a792a151cd
Frame ID: DE7205F815B7489260D8B190B7585C0B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0214D06164EF0363CBEBA732AEDD163C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB954F928FFE1C5EF41F1686FFFB5422
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Folkd | Home

Page URL History Show full URLs

https://www.folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/ HTTP 307
https://folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/ HTTP 301
https://folkd.com/ Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

751
Requests

85 %
HTTPS

40 %
IPv6

86
Domains

112
Subdomains

64
IPs

12
Countries

9954 kB
Transfer

27092 kB
Size

89
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://thaihungphat.vn/full-bang-bao-gia-may-bom-chua-chay-ebara-chinh-hang/

Search URL Search Domain Scan URL

URL: https://www.kryderlaw.com/legal-glossary/complaint-and-answer/

Search URL Search Domain Scan URL

URL: https://shamlatech.com/meme-coin-development/

Search URL Search Domain Scan URL

URL: https://risalafurniture.ae/shutter-blinds/

Search URL Search Domain Scan URL

URL: https://medium.com/@dpeterlucasneurosurgeon/new-neurosurgical-techniques-unveiled-in-australia-d637e9b9147b

Search URL Search Domain Scan URL

URL: https://forums.prosportsdaily.com/member.php?1531117-BestSmartWatche

Search URL Search Domain Scan URL

URL: https://myfirsthomeincalgary.ca/tips-to-sell-property-during-holidays-with-realtors-help/

Search URL Search Domain Scan URL

URL: https://astrologyexperts.in/top-astrologer-in-santacruz-west-mumbai

Search URL Search Domain Scan URL

URL: https://www.comfortkeepers.com/offices/california/sacramento-metro/care-services/respite-care/

Search URL Search Domain Scan URL

URL: https://orchidhousepainters.com.au/service/commercial-painting-melbourne

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/ HTTP 307
https://folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/ HTTP 301
https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 165

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg

Request Chain 213

https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=S2Ykanx3ZGM3ZW1vcmMvVU1ZTmM4bFdLeXZjcGFtdDRIM25FNDRKaTRCQUwyT0d2ckN1MXZlZ3lRNXFmVXRTK3BEVWxZNW02NDFIdGRCckEwdFdSUEFDakhtaWVRcHBLa29PTnJ1cUMxZjhqa1k1Rml6amFCK1RPcG5RYWlnVDRkYnhmaCs0SEVhbDVTNno0dlFRbFo1ZjBrK2hNbmZacGx5dXdaUXZDa0JEbFhHYWJjK21wUFJQaFhvSmJGdHdsaXlHdnFXZjBiOHpPMENsdnNKYUx6VnhPRGhoN0VMa1dEMGhkbkM0TFEwWWgrSStKck5nWjNNalBVZ3NiWk1Kcy9LOVkzRVlhTHhDZ1pNMmJOK3MrL2hjRWtuUT09fA&cppv=2

Request Chain 214

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Request Chain 251

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=254002728751764508

Request Chain 252

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e875b2bd-b322-83c3-a113-4cca9ea4c04a HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e875b2bd-b322-83c3-a113-4cca9ea4c04a&dcc=t

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMmVBUIz-AkqsfNSAoyYw94&google_cver=1

Request Chain 256

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg

Request Chain 329

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIxNSk-2SxJySr9wirEZk24&google_cver=1&google_push=AXcoOmQ6HcIFwwWiBOXlJQs3L2VczOSvbbdlIY7ti_EJUooW4ZmnWAVsE6Em9pAJX7REfHaiYGb2p8BHkASUSSBBKiJZDXN_cA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIxNSk-2SxJySr9wirEZk24&google_push=AXcoOmQ6HcIFwwWiBOXlJQs3L2VczOSvbbdlIY7ti_EJUooW4ZmnWAVsE6Em9pAJX7REfHaiYGb2p8BHkASUSSBBKiJZDXN_cA

Request Chain 330

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHtxdFT8Cxw1x9hPyMhrneE&google_cver=1&google_push=AXcoOmS4P7qTQlUorlUtwgqnxCSOQeFVwD6KVxsSLDzhMlCh_1GyJA6qXwnCZyDVeg87DWmeBzWjRvAsXAAvLInyGOuWRX3eSuQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS4P7qTQlUorlUtwgqnxCSOQeFVwD6KVxsSLDzhMlCh_1GyJA6qXwnCZyDVeg87DWmeBzWjRvAsXAAvLInyGOuWRX3eSuQ

Request Chain 331

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPu2DdxCy9U0ET0lqWNLtes&google_cver=1&google_push=AXcoOmTipQin4dnLrudUMTsxLFVI4WFHkdIa00JoiynPA2TQH_8A0Q4lIAWfuC_L7bN7DVr7pYc93L9busaRTkO6rsPnzW6gVHc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-0ZljfnxRGohC1SUjyKn6g&google_push=AXcoOmTipQin4dnLrudUMTsxLFVI4WFHkdIa00JoiynPA2TQH_8A0Q4lIAWfuC_L7bN7DVr7pYc93L9busaRTkO6rsPnzW6gVHc

Request Chain 332

https://a.c.appier.net/gcm?google_gid=CAESECCJfzsRZCGXPb_4PC4VwRg&google_cver=1&google_push=AXcoOmTSZgjV0RxpaQ-legwPOSOssoRCHg7ufS-v_us3WO0p0Jd3HwySM-lTS5d74THOrYwtWLGkc3D-IWOELXnZJCrL_0Assdo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OGFDVXRpLTRCR2kydnVLQW9LNWRaUQ%3D%3D&google_push=AXcoOmTSZgjV0RxpaQ-legwPOSOssoRCHg7ufS-v_us3WO0p0Jd3HwySM-lTS5d74THOrYwtWLGkc3D-IWOELXnZJCrL_0Assdo

Request Chain 333

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENN7QyjzEWX6r-aJ_YYRd-k&google_cver=1&google_push=AXcoOmQo9CXYx1GPgMwOrVnPv98gbVEXK1FO3oiG8O-xWV9gpGerf67u4oqOpsxIWEr8f19HouPxjTisZ0C7vxE9-sr8TjvFDQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855339880763&us_privacy=1---

Request Chain 335

https://sync.inmobi.com/gob?google_gid=CAESEFt01k7bN605GAjRR4FFBB8&google_cver=1&google_push=AXcoOmQTqmfdzypXnSTJ81M4zYqMkNcy--7X0MaXtXBjN6o7Z7M_mZnULD7VhJr8oALAlPztwxf_du-RPeCJxS1ZLIxbmo_iP04 HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQTqmfdzypXnSTJ81M4zYqMkNcy--7X0MaXtXBjN6o7Z7M_mZnULD7VhJr8oALAlPztwxf_du-RPeCJxS1ZLIxbmo_iP04

Request Chain 344

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 345

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRs8p_qan5j0k3LrFIWJz5MhlZquGXcc_Xc0THtf6H_693YDYuU4rs5qF9UMH4eoUq-ZwnzqC7RDvqbDbEMmq3pwsD64StR HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRs8p_qan5j0k3LrFIWJz5MhlZquGXcc_Xc0THtf6H_693YDYuU4rs5qF9UMH4eoUq-ZwnzqC7RDvqbDbEMmq3pwsD64StR HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433831121954712&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 346

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSJ5pQUSqvmXDnwmrBQe718sdeXJCQJIxTwsRjqjMcpKyuBp2BSwVzIcVr2C76RUDTWETL9-g1oL1z2t0QRNs2Lk7CYwSw2&google_gid=CAESEC3uavA1vBwW-9lZ46z6MsU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmSJ5pQUSqvmXDnwmrBQe718sdeXJCQJIxTwsRjqjMcpKyuBp2BSwVzIcVr2C76RUDTWETL9-g1oL1z2t0QRNs2Lk7CYwSw2

Request Chain 347

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF1BIfnuP6zG_mcBXeko1Do&google_cver=1&google_push=AXcoOmRdIwUWqxLL1sX4s3Jp5XJFhy6opcvSlNRZ7NsRZqfgeo04DksFcnNNZ39-Ez3RucUI7kvVU7lJeObnGEY1zkNu-uNZdto HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF1BIfnuP6zG_mcBXeko1Do&google_cver=1&google_push=AXcoOmRdIwUWqxLL1sX4s3Jp5XJFhy6opcvSlNRZ7NsRZqfgeo04DksFcnNNZ39-Ez3RucUI7kvVU7lJeObnGEY1zkNu-uNZdto&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRdIwUWqxLL1sX4s3Jp5XJFhy6opcvSlNRZ7NsRZqfgeo04DksFcnNNZ39-Ez3RucUI7kvVU7lJeObnGEY1zkNu-uNZdto

Request Chain 348

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTfDSrASi9LbYHG4aQIf83-kzhbEMhkMGTZOUCDLpoF7VuV6GerWKC84-tJekC3u59kKqxp8aVwyqLZN88OXshmyVvxUqnT%26google_hm%3D%5BUID%5D&google_gid=CAESEJsLkmb7S-g0EYQmnZICErg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTfDSrASi9LbYHG4aQIf83-kzhbEMhkMGTZOUCDLpoF7VuV6GerWKC84-tJekC3u59kKqxp8aVwyqLZN88OXshmyVvxUqnT&google_hm=a243d255-16dc-4264-9ee5-cfe071bb6d30

Request Chain 349

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNzdl3xQxlmgLS HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNzdl3xQxlmgLS&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNzdl3xQxlmgLS&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 350

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx6 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx6&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx6

Request Chain 352

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82BeQ40h8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82BeQ40h8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82BeQ40h8&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 353

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT1b_iP1lhdK_bmSLbJteJKR5rj_iKyELwNjuWX8NXgmBcXgezLWTpCbgNYUiwGCdsEIzWhfK37RUFBuBkOuZseWUyQU2E&google_gid=CAESEC3uavA1vBwW-9lZ46z6MsU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT1b_iP1lhdK_bmSLbJteJKR5rj_iKyELwNjuWX8NXgmBcXgezLWTpCbgNYUiwGCdsEIzWhfK37RUFBuBkOuZseWUyQU2E

Request Chain 354

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmTrVT82oLOwyfBFovoyWQscLRMVQ9knA6j1iIanjNnRxpz87l5szSfQpfb9rgoP7RlNPUyFW1TmqlIuxYnOvQn1dm3bRFI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmTrVT82oLOwyfBFovoyWQscLRMVQ9knA6j1iIanjNnRxpz87l5szSfQpfb9rgoP7RlNPUyFW1TmqlIuxYnOvQn1dm3bRFI

Request Chain 355

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_cver=1&google_push=AXcoOmRCN1GI00iEboB5fH_e1iKrV_L8ZgG96wtBFf2TyvKgR9fkgpLjkZC3Gc5WbjxjlZEOBNcNgOKCUqaHfcg23gVBA58Uew HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_push=AXcoOmRCN1GI00iEboB5fH_e1iKrV_L8ZgG96wtBFf2TyvKgR9fkgpLjkZC3Gc5WbjxjlZEOBNcNgOKCUqaHfcg23gVBA58Uew&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmRCN1GI00iEboB5fH_e1iKrV_L8ZgG96wtBFf2TyvKgR9fkgpLjkZC3Gc5WbjxjlZEOBNcNgOKCUqaHfcg23gVBA58Uew

Request Chain 356

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmSLmg533PPFBZLd043kSt1Zz8gOidP8yYR2Aaxijd363apiTXaSCesn1oGZ7KIStPaQiQ_A6lBarKo0rpUcZZlUwnPcD7Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLmg533PPFBZLd043kSt1Zz8gOidP8yYR2Aaxijd363apiTXaSCesn1oGZ7KIStPaQiQ_A6lBarKo0rpUcZZlUwnPcD7Y&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Request Chain 357

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY

Request Chain 360

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 361

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTE2Bnuq5EQbnCpu-oWoDKTHNLEfEvh2-bclX0msRrl-43ODJn36SmHZudeEzvIHzR_mYgDF5dgNFQA7Ogt04BS4ZR6k1Vc&google_gid=CAESEC3uavA1vBwW-9lZ46z6MsU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmTE2Bnuq5EQbnCpu-oWoDKTHNLEfEvh2-bclX0msRrl-43ODJn36SmHZudeEzvIHzR_mYgDF5dgNFQA7Ogt04BS4ZR6k1Vc

Request Chain 362

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmSCkV4OG6ZS-RkJv30Tk9tFls0HBOLan5KKhK_1WUDSxaUY4UPB4aqyU0qUS2BYQt084x6ypP8WBJq5iOBS8xWntU3m59FD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmSCkV4OG6ZS-RkJv30Tk9tFls0HBOLan5KKhK_1WUDSxaUY4UPB4aqyU0qUS2BYQt084x6ypP8WBJq5iOBS8xWntU3m59FD

Request Chain 363

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_cver=1&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTlmieK_mUc1uL7RiZ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTlmieK_mUc1uL7RiZ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTlmieK_mUc1uL7RiZ&google_hm=d1N6Nnp6T04ydUpHY3FFRmdadnQ=

Request Chain 364

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTWeELF8Ox-OyXk8fSmalEarcxQU7hYhJ6YhoXOHxd8MkTMKCn0_wj81mAhgj1qM-OtGIcepDv2UaE1bwlDTDstWvVLcVIZ%26google_hm%3D%5BUID%5D&google_gid=CAESEJsLkmb7S-g0EYQmnZICErg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTWeELF8Ox-OyXk8fSmalEarcxQU7hYhJ6YhoXOHxd8MkTMKCn0_wj81mAhgj1qM-OtGIcepDv2UaE1bwlDTDstWvVLcVIZ&google_hm=4a5b2e35-fb4b-46c2-9475-3528217c8022

Request Chain 365

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmRrVoR2b3bQTcpIwNyj7pPdU38Y8a4b6A-FM1bxeWpvgIvuy0w5GSLLtJI_SK74e_6Sx367JaF1dLau_7MeckE8oGMdvyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRrVoR2b3bQTcpIwNyj7pPdU38Y8a4b6A-FM1bxeWpvgIvuy0w5GSLLtJI_SK74e_6Sx367JaF1dLau_7MeckE8oGMdvyI&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Request Chain 383

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 384

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 385

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT6VaFz3YE-Z9kRxHp8bEJXzKtz1BGO2jK1vniyAUktfiuLlHku0iLGkwmfLDU9VOh5lKLtJ6RtHTnQxcvJZbgxhT0F6_k&google_gid=CAESEC3uavA1vBwW-9lZ46z6MsU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT6VaFz3YE-Z9kRxHp8bEJXzKtz1BGO2jK1vniyAUktfiuLlHku0iLGkwmfLDU9VOh5lKLtJ6RtHTnQxcvJZbgxhT0F6_k

Request Chain 386

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSoan41Jp0kEMBvlafTeuTCbWYn40FH3kbSoE0Kwp2xLa22pVGAF2FsVaJ7PE3NA4H4V0EgwlAjxbIdu5QrcX8tprJ7eQVE%26google_hm%3D%5BUID%5D&google_gid=CAESEJsLkmb7S-g0EYQmnZICErg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSoan41Jp0kEMBvlafTeuTCbWYn40FH3kbSoE0Kwp2xLa22pVGAF2FsVaJ7PE3NA4H4V0EgwlAjxbIdu5QrcX8tprJ7eQVE&google_hm=dd351fb4-19db-4585-b2cd-76af2ce8d523

Request Chain 387

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmRKMqpnKhuXa2hexMOBk3o-UEERvkpvob96fyrfmUp7x6OzPS-CW74dLMKZXaMgEiIx74ehezIzbMi0qOYISKTQRglM1fDQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRKMqpnKhuXa2hexMOBk3o-UEERvkpvob96fyrfmUp7x6OzPS-CW74dLMKZXaMgEiIx74ehezIzbMi0qOYISKTQRglM1fDQ&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 388

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELi9c1fsEQKOFI3O6fP6TEo&google_cver=1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700638368036 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-aed4d127-19e6-4301-9d16-4d3596549d75-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4%26google_hm%3DA67U0ScZ5kMBnRZNNZZUnXU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4&google_hm=A67U0ScZ5kMBnRZNNZZUnXU

Request Chain 398

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 399

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmQCRvs2PufU228O6ATgMpaVsSiLlxaQkOHjOi7ywOUT3UIpDqBtQ3Se8cP1J6IcdorUTqg9bZmSJN4LT0WRK-f9lrUg71QB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQCRvs2PufU228O6ATgMpaVsSiLlxaQkOHjOi7ywOUT3UIpDqBtQ3Se8cP1J6IcdorUTqg9bZmSJN4LT0WRK-f9lrUg71QB

Request Chain 400

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF1BIfnuP6zG_mcBXeko1Do&google_cver=1&google_push=AXcoOmRhMe0NWEoyB57AvDkmQvM6Rq60g3MgQkxjLyLJehgUhuGEnaWsugxkwkfe8qu0IniaNjSDtB2EstFNd_QtZc1snS9v89FBjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRhMe0NWEoyB57AvDkmQvM6Rq60g3MgQkxjLyLJehgUhuGEnaWsugxkwkfe8qu0IniaNjSDtB2EstFNd_QtZc1snS9v89FBjA

Request Chain 401

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQNbIbcmCXhw2mVlawctvK_P-Bpdw6uQQLSdLfNaURJrnJYwVNbtE5BrDJn7rrjSfNjCZtOxV994uPvLNsetHqE5Jhfbxh6EA%26google_hm%3D%5BUID%5D&google_gid=CAESEJsLkmb7S-g0EYQmnZICErg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNbIbcmCXhw2mVlawctvK_P-Bpdw6uQQLSdLfNaURJrnJYwVNbtE5BrDJn7rrjSfNjCZtOxV994uPvLNsetHqE5Jhfbxh6EA&google_hm=fb3e05b1-3bd4-4f62-b7a9-214207b3a468

Request Chain 402

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmRvpfPjgI4aqEHSz3LDv32568Id26b0f7pl1G6VrDF2rNdqFMz_Yr-N9ekf1l9Qx_dBe2x6cYEw0hIpa7W5Dlm3Y5beS3eaNw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRvpfPjgI4aqEHSz3LDv32568Id26b0f7pl1G6VrDF2rNdqFMz_Yr-N9ekf1l9Qx_dBe2x6cYEw0hIpa7W5Dlm3Y5beS3eaNw&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 403

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmTCrGqUdH4Pgi7XnV37aMWexi3YKP1NoMGd66VKyPnSwekMJqyNjud2rkhWwpvACzi8GuuNciU6yc3faN07TiQyvxN4WsCa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTCrGqUdH4Pgi7XnV37aMWexi3YKP1NoMGd66VKyPnSwekMJqyNjud2rkhWwpvACzi8GuuNciU6yc3faN07TiQyvxN4WsCa

Request Chain 404

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmSkqRjAIKvI_-RXwaqGvbGrovhM-fyyUHSAxaM4MXwY8JcxxG8rKIYFeskCLAZu8DHYVnM2R0mizzlfUTqUbE5BUE6_vi3qVlU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkqRjAIKvI_-RXwaqGvbGrovhM-fyyUHSAxaM4MXwY8JcxxG8rKIYFeskCLAZu8DHYVnM2R0mizzlfUTqUbE5BUE6_vi3qVlU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 413

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF1BIfnuP6zG_mcBXeko1Do&google_cver=1&google_push=AXcoOmQOLQYGkjrxuMtVUieJKIQeDECgqtUfEiu7Arqc2Xw0LER6YXwddwXgGmHco8Bf7h58UmyFhMgPNhIWqgKqjsJAbs6rBR7sFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQOLQYGkjrxuMtVUieJKIQeDECgqtUfEiu7Arqc2Xw0LER6YXwddwXgGmHco8Bf7h58UmyFhMgPNhIWqgKqjsJAbs6rBR7sFg

Request Chain 414

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_cver=1&google_push=AXcoOmTeyNtcOS3WfDmgg2TBbqpH_OcZk4h6FQ9FXeV9MrX_z7NRM5Y_K4_rncch99WuBy4eZCrLXeWBAhWdts40x0JfWFaOuz04 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmTeyNtcOS3WfDmgg2TBbqpH_OcZk4h6FQ9FXeV9MrX_z7NRM5Y_K4_rncch99WuBy4eZCrLXeWBAhWdts40x0JfWFaOuz04

Request Chain 415

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmQvpxn0JMwvOksYVqgkcA6X3ZG9675LukkitU70b2Z9kRN-l0wMByFF8Ebs4syKhLamekgaA_QntZkNjOyIn75vo1Ef8SNHXw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQvpxn0JMwvOksYVqgkcA6X3ZG9675LukkitU70b2Z9kRN-l0wMByFF8Ebs4syKhLamekgaA_QntZkNjOyIn75vo1Ef8SNHXw&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 416

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmRHvcIq7wZOtaTTKOnGsWEmb5Bjzbb7-PZHFVynuL0GoPVEFohR5YLq3UAC2_nak96mzxAk97zt_nCIBI_TnFcXFN9DpXSYhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRHvcIq7wZOtaTTKOnGsWEmb5Bjzbb7-PZHFVynuL0GoPVEFohR5YLq3UAC2_nak96mzxAk97zt_nCIBI_TnFcXFN9DpXSYhg&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Request Chain 417

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmS-eswttGIxgMBoWwnTLA6RY9m8PZ6FydPjW35_bqgLjyFDKAlEPmfSVwLt-nM65v964a4x7na3xntNuevNRXOGBMSMepmwQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmS-eswttGIxgMBoWwnTLA6RY9m8PZ6FydPjW35_bqgLjyFDKAlEPmfSVwLt-nM65v964a4x7na3xntNuevNRXOGBMSMepmwQA

Request Chain 418

https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmSGkhn8PHaz31N_0OoD_5d_TufHaPL8nn6ePIdoU0hP8WuSYtCXelw4r3Q5Tc1s2HkhLSST0VDh_6PkeNuimXSXjnjD5DvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSGkhn8PHaz31N_0OoD_5d_TufHaPL8nn6ePIdoU0hP8WuSYtCXelw4r3Q5Tc1s2HkhLSST0VDh_6PkeNuimXSXjnjD5DvA&gdpr=&gdpr_consent=

Request Chain 419

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmSGNI2n1KSBWdgKpS16OfluEKYa4JPlRmqO-0-a2SVzGdWoMEu2dENJos6L5Za1mozmSO7-GKZa_gkcPZv18ZeSlNpLMOFD55Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSGNI2n1KSBWdgKpS16OfluEKYa4JPlRmqO-0-a2SVzGdWoMEu2dENJos6L5Za1mozmSO7-GKZa_gkcPZv18ZeSlNpLMOFD55Q HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 443

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRG4rGwAQCbjCGVaN1VwFowWNXAULpNvwCF6Q8H4Cklx8yCyom7uYrnGG1KZY1pExa1FC8IbhjgYadlvkXl82X1FWQNUzBp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRG4rGwAQCbjCGVaN1VwFowWNXAULpNvwCF6Q8H4Cklx8yCyom7uYrnGG1KZY1pExa1FC8IbhjgYadlvkXl82X1FWQNUzBp&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 444

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmT_ryrnqRj1u2L49VVNjYyxjZR9zWTlA1SIr-DpkMrahDNG1H2W-rU52OEP22Z0LZVAgFHakVPHyCPpB8nFSB4ZMxiIf5ib HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT_ryrnqRj1u2L49VVNjYyxjZR9zWTlA1SIr-DpkMrahDNG1H2W-rU52OEP22Z0LZVAgFHakVPHyCPpB8nFSB4ZMxiIf5ib&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 445

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmROhGvILF_LFAMjP6g3OwXQaKn1GL8jfPsZsNeL_AZN53mvP0r4lC8JaTnhTPQTdOPoSLfQ02Y_x3K8KZ4uvxDu17q48ZXR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmROhGvILF_LFAMjP6g3OwXQaKn1GL8jfPsZsNeL_AZN53mvP0r4lC8JaTnhTPQTdOPoSLfQ02Y_x3K8KZ4uvxDu17q48ZXR&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Request Chain 446

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELi9c1fsEQKOFI3O6fP6TEo&google_cver=1&google_push=AXcoOmQtEbmUVoQHftPpawIEUlU9NX61bVCEyFAsideLSo8pimbYPU_gGoRhmOHvm_aG7-Nk7rRRRUjDn5UlMOhCJk5Lv6ayI5Or HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-aed4d127-19e6-4301-9d16-4d3596549d75-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQtEbmUVoQHftPpawIEUlU9NX61bVCEyFAsideLSo8pimbYPU_gGoRhmOHvm_aG7-Nk7rRRRUjDn5UlMOhCJk5Lv6ayI5Or%26google_hm%3DA67U0ScZ5kMBnRZNNZZUnXU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQtEbmUVoQHftPpawIEUlU9NX61bVCEyFAsideLSo8pimbYPU_gGoRhmOHvm_aG7-Nk7rRRRUjDn5UlMOhCJk5Lv6ayI5Or&google_hm=A67U0ScZ5kMBnRZNNZZUnXU

Request Chain 447

https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmTf5OhLfSRQlwyFuvsFNP-cIwGZPgHrOdT1UmMtD6dnCPSDmPq5YQrfb_D5-e7JVdTOFsHZ8mEam9xXPgdFHNeTTJpqA40S HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTf5OhLfSRQlwyFuvsFNP-cIwGZPgHrOdT1UmMtD6dnCPSDmPq5YQrfb_D5-e7JVdTOFsHZ8mEam9xXPgdFHNeTTJpqA40S&gdpr=&gdpr_consent=

Request Chain 449

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmRqJfTZOLAzBu0FeOA8fheoOiolmS2tZolZTDpPoloL2irgvs6mziB-LwIiZKlsFwoBW4czjoMZC_Zkh1jIieqh8l5FaElyEFU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRqJfTZOLAzBu0FeOA8fheoOiolmS2tZolZTDpPoloL2irgvs6mziB-LwIiZKlsFwoBW4czjoMZC_Zkh1jIieqh8l5FaElyEFU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 451

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmSuF2mv5_tgPiDwAAJYbzTIXDGqi-TPsYDbrLgXChHhZ-FfOM1pbW7rONSDXsahUAqz_yE9t2xYCyO79i3jf2Tw8CDmQELCGQ HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=37d6431b-d07e-46a5-9fc0-2fcb99e34bf8&ssp=google&expires=30&user_group=5&bsw_param=dc3a48fa-c90d-477a-968f-7307962a4130 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSuF2mv5_tgPiDwAAJYbzTIXDGqi-TPsYDbrLgXChHhZ-FfOM1pbW7rONSDXsahUAqz_yE9t2xYCyO79i3jf2Tw8CDmQELCGQ&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 452

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQKvcNyMCeKWZMK4cX8tx1S8PmfN5aUl5NdQ9MFbl3rF1hsU8X0OigTRMnPMA-7XQ9n23B1yszvnqPUuZ5h9725D9NzKtIRQA&google_gid=CAESEC3uavA1vBwW-9lZ46z6MsU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQKvcNyMCeKWZMK4cX8tx1S8PmfN5aUl5NdQ9MFbl3rF1hsU8X0OigTRMnPMA-7XQ9n23B1yszvnqPUuZ5h9725D9NzKtIRQA

Request Chain 453

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_cver=1&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh73Y8vVb32mH-fyhbRw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh73Y8vVb32mH-fyhbRw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh73Y8vVb32mH-fyhbRw&google_hm=azJSdXdZSWw5d3ZPOWZ2eDNhWG4=

Request Chain 454

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT3Zqg6YbEQiXFxmTgVhr81mFKLfcQmuFBmM-dkeSvGBiUECwruXJAc_DCjbX0aKmO6oPqBkUo4impgXet5_vx8cac8GRhONQ%26google_hm%3D%5BUID%5D&google_gid=CAESEJsLkmb7S-g0EYQmnZICErg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT3Zqg6YbEQiXFxmTgVhr81mFKLfcQmuFBmM-dkeSvGBiUECwruXJAc_DCjbX0aKmO6oPqBkUo4impgXet5_vx8cac8GRhONQ&google_hm=dd351fb4-19db-4585-b2cd-76af2ce8d523

Request Chain 455

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmTTJotLVy9AxhNrEOtaMUj1k1dbjAuAs6xnkv4qX3S5Ub0g551CfagiCCz1aRWSfY-MR5_Yr428wkJbYSJOWhmz85fkWeMI5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTTJotLVy9AxhNrEOtaMUj1k1dbjAuAs6xnkv4qX3S5Ub0g551CfagiCCz1aRWSfY-MR5_Yr428wkJbYSJOWhmz85fkWeMI5Q

Request Chain 456

https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmSufjDb_gDFgP3YrFiPnPht3UYaVxJyonRxz3rHXYveVIsvafGMRZWT9Na5-q0DWh-8_9zBjWG3zPvp2x5uGd9XURteJkqkvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSufjDb_gDFgP3YrFiPnPht3UYaVxJyonRxz3rHXYveVIsvafGMRZWT9Na5-q0DWh-8_9zBjWG3zPvp2x5uGd9XURteJkqkvA&gdpr=&gdpr_consent=

Request Chain 457

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmRXM4qO6TbxhBF0IualAkjOHqihTVbMHEmIRNJOG3aV0u4DobK0_QfHMJBjsXemmwBjAB8vZGSZYSfnj0q6FnGBR1WtegJ35Pw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRXM4qO6TbxhBF0IualAkjOHqihTVbMHEmIRNJOG3aV0u4DobK0_QfHMJBjsXemmwBjAB8vZGSZYSfnj0q6FnGBR1WtegJ35Pw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 466

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOWuvJNY0359t9o9Rwx4iDs&google_cver=1

Request Chain 467

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1912969244 HTTP 302
https://sync.1rx.io/usersync/turn/9109471186860667620?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-aed4d127-19e6-4301-9d16-4d3596549d75-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-aed4d127-19e6-4301-9d16-4d3596549d75-003 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-aed4d127-19e6-4301-9d16-4d3596549d75-003

Request Chain 468

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan HTTP 302
https://ads.yieldmo.com/v000/sync?userid=2975953166841500249&pn_id=an

Request Chain 472

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTMwREU5QkEtRUJFQS00RjJGLUIzMjktQjAzODJEQkMwMzQx&gdpr=-1&gdpr_consent=

Request Chain 474

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FSr133vvQ31llzYFQnr HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FSr133vvQ31llzYFQnr

Request Chain 477

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=8b5e5047-1d29-4616-9c70-1a5f39e07c4a

Request Chain 480

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=d4a85ddd-3d8c-0218-3c78-d2330a7c1e34

Request Chain 482

https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=${BSW_USER_UD}&bsw_param=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 493

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=254002728751764508

Request Chain 506

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=a0525f9fbd8ed8c274c8 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=a0525f9fbd8ed8c274c8

Request Chain 642

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRIewqoDW-C04eNdwGpgwVhKJOLZLBu7bVLY06XwzppKsbh5XiKWHQ6LV_2NPCx0FF-hDf-EEnHwtEe7lwpNI7qnhAcLtST HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRIewqoDW-C04eNdwGpgwVhKJOLZLBu7bVLY06XwzppKsbh5XiKWHQ6LV_2NPCx0FF-hDf-EEnHwtEe7lwpNI7qnhAcLtST&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 643

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmRdhxwGG8dOZJo9ZknViaAeNW-65bHfH0UMPLMSux8eEDMJlPZaFtd3o24VKjPttFqZJ06AJ009L1ujuWVjq2GheajEkrTk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmRdhxwGG8dOZJo9ZknViaAeNW-65bHfH0UMPLMSux8eEDMJlPZaFtd3o24VKjPttFqZJ06AJ009L1ujuWVjq2GheajEkrTk

Request Chain 645

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmQkn9VlDbcQZevrHIoXx0_TI-yjsE4nfbczSaEg3YPGE1A3sNP6DirdSbO65kCWRZQbaBNERP6J98I1RaB2Qij--ZneEi2fdw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQkn9VlDbcQZevrHIoXx0_TI-yjsE4nfbczSaEg3YPGE1A3sNP6DirdSbO65kCWRZQbaBNERP6J98I1RaB2Qij--ZneEi2fdw&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 696

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCOD81PjOxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCOD81PjOxU&google_hm=3DpI-skNR3qWj3MHlipBMA==

Request Chain 697

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQQj6KFc0PGsRy7JmiNMZBgIaeQSfphKe8OwP3jIi9QEsJfDRFT4PfbGiWpe6e2mcQlz1f7-_0Jtwd63blmn-G_e94xuuk&google_gid=CAESEC3uavA1vBwW-9lZ46z6MsU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQQj6KFc0PGsRy7JmiNMZBgIaeQSfphKe8OwP3jIi9QEsJfDRFT4PfbGiWpe6e2mcQlz1f7-_0Jtwd63blmn-G_e94xuuk

Request Chain 698

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmQ4x9vbs5fsuYi_5bZCEM5xqpM0CvzDOe75GNZ0sCruy78CvYv-OWn6EL3BjJTQSpixThZlnV2u_0wyyOBdI476KhHyOLo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQ4x9vbs5fsuYi_5bZCEM5xqpM0CvzDOe75GNZ0sCruy78CvYv-OWn6EL3BjJTQSpixThZlnV2u_0wyyOBdI476KhHyOLo

Request Chain 699

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF1BIfnuP6zG_mcBXeko1Do&google_cver=1&google_push=AXcoOmSsGFZWq2JGQsi7ZC7aFNub-b08CSr977q-FTO5CABzgV-o6_wmgZIvQQr2OGYD6IxXg5mYG2oujGqNr4aA7BM3UfSKitCC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSsGFZWq2JGQsi7ZC7aFNub-b08CSr977q-FTO5CABzgV-o6_wmgZIvQQr2OGYD6IxXg5mYG2oujGqNr4aA7BM3UfSKitCC

Request Chain 701

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmQivn6x6InkpMsd6Xexb2YI30KjT2FLB7UfEpqcVlfUUHcENA09TyVMoX85fCVPWJEu3uTentiPfs8iF61AQWul5LyaBqY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQivn6x6InkpMsd6Xexb2YI30KjT2FLB7UfEpqcVlfUUHcENA09TyVMoX85fCVPWJEu3uTentiPfs8iF61AQWul5LyaBqY&google_hm=HspkpGZHXCEtjKfnQregqtlM

Request Chain 702

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmRLfZvNoSIBXgpPXuij3G6829C94IV6BuX4LjT_HlfGATFYRVUzr3ieeWy5pIGKG7k86sAjbXqmgLp292sTvA8ZbV5ZBDY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRLfZvNoSIBXgpPXuij3G6829C94IV6BuX4LjT_HlfGATFYRVUzr3ieeWy5pIGKG7k86sAjbXqmgLp292sTvA8ZbV5ZBDY

Request Chain 738

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4A3CC3559F174FFABA90AB65B3BA31E5&RedC=c.clarity.ms&MXFR=35425CF3DC6F659326A54F22D86F6B6A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A3CC3559F174FFABA90AB65B3BA31E5&MUID=205FE87D80B967902E06FBAC81BF66F7

751 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
folkd.com/
Redirect Chain

https://www.folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/
https://folkd.com/submit/themesotheliomalawcenter.com/reno-nv-mesothelioma-legal-question/
https://folkd.com/

17 KB
8 KB

330ms
329ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

de6e1e7ead1471c72f45e9cdf2fdbc38fbcc88d13ba8f0c5214803fe301a9f33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 829f7ad85ff0b74e-AMS
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Wed, 22 Nov 2023 07:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8a1Fj4QpY9PRtcXGmw3Z5l1%2F8LJfMgKiDvuJYoCqwn1549yPtUCif90QN4ECmXsUfizi4c9jEW4oSWjctXOK3JCkCeL3kvNfhGCfpj5diOodsMy16MPm%2BmZilkCr8QUkJQnFN0Rtuxofwm8ekY3W3mZK7pf%2F24CPhbSgRTyz4OAAx5afQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.097 unit-seconds used
x-bubble-perf: {"total":69,"percents":{"top":{"bubble_cpu":61,"block":34,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":53.8,"appserver_cache_misses_time":0,"redis":35.4,"fiber_queue":3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":107,"appserver_cache_attempts":2,"appserver_mem_cache_hits":2,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":26,"fiber_queue":30,"blocks":29},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":6311517}}
x-coalias-cache: MISS
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-vercel-id: fra1::pvst5-1700638360348-103ca5404da3

Redirect headers

cache-control: no-store
cf-ray: 829f7ad7fc21bbbc-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Wed, 22 Nov 2023 07:32:40 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJAVrwXzfb983K1fwtrB0Bxk%2FE%2F6gJRZ8cCShSl5RHIqFizoUyBzC%2FY%2B5ERTlzmMEIYr71YAzX%2Bid2NiSk66AEYSxmukIidWWTGToXPW040xjxxbgbjvGTlalrMoi6UcojaxBcX6qE7kbIM7BtHmfYYbDYf7Z82m2ZHnZSnvBc22xQcVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-vercel-id: fra1::mthvf-1700638360297-75ce345e6649

GET
H2 200 coalias_meta.js Show response
folkd.com/ 2 KB
1 KB 246ms
242ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_meta.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::kmfn7-1700638360729-1d9d50bc3d7e
age: 432274
etag: W/"162388d1b605b8c339e98419fcdfbb9d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_meta.v1.min.js"

GET
H2 200 coalias_page_logic.js Show response
folkd.com/ 1 KB
813 B 34ms
31ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_page_logic.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::jn98j-1700638360694-4a5881b36644
age: 745449
etag: W/"c01471c249877474d63c6beba5d7cb51"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_page_logic.v1.min.js"

GET
H2 200 coalias_static_rewrite.js Show response
folkd.com/ 616 B
774 B 36ms
33ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_static_rewrite.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::5fvr2-1700638360694-dc354788c10d
age: 1210527
etag: "142bd05e9b948e2640c9647c7734ee4b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_static_rewrite.v1.min.js"
accept-ranges: bytes
content-length: 616

GET
H2 200 early.js Show response
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 89ms
28ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":12.6,"percents":{"top":{"bubble_cpu":35.6,"block":48,"capacity_rl":0,"other_pause":0,"pre_fiber":4.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":14,"fiber_queue":3.4,"capacity_wait":32.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":675629}}
server: cloudflare
age: 1235811
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.01 unit-seconds used
timing-allow-origin: *
cf-ray: 829f7adaad0d23df-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
folkd0612.bubbleapps.io/package/run_css/ccdb0517651963f88c224b36bbd26ee556c34a35fbcc212fe97f31e8133b9755/folkd0612/live/index/xfalse/xfalse/ 528 KB
37 KB 116ms
38ms Stylesheet
text/css 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_css/ccdb0517651963f88c224b36bbd26ee556c34a35fbcc212fe97f31e8133b9755/folkd0612/live/index/xfalse/xfalse/run.css
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 326b1b6d000e21f049d96bc3516ca8fcb72476ec5697e401b8b90054dbbb9d24

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":15.5,"percents":{"top":{"bubble_cpu":57.3,"block":38.6,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":39,"appserver_cache_misses_time":0,"redis":44.5,"fiber_queue":3.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":13,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1328690}}
age: 43560
cf-polished: origSize=669521
x-powered-by: Express
x-bubble-capacity-used: 0.02 unit-seconds used
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 829f7adadd0cf138-CDG
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 pre_run_jquery.js Show response
folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 100ms
40ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":7,"percents":{"top":{"bubble_cpu":23.7,"block":64.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":64.6,"fiber_queue":2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":248641}}
server: cloudflare
age: 1235811
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.004 unit-seconds used
timing-allow-origin: *
cf-ray: 829f7adaad0823df-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.js Show response
folkd0612.bubbleapps.io/package/run_js/c23f591d5aa95bf4c7812a7a711fa444966dd143780065caa3a084b59ac15743/xtrue/x21/ 4 MB
809 KB 112ms
53ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_js/c23f591d5aa95bf4c7812a7a711fa444966dd143780065caa3a084b59ac15743/xtrue/x21/run.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bdccc13e1bc24ac7baa8c4d0e697fb4fd963f8cf0708618f2bdfbd34fa949d95

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":20.7,"percents":{"top":{"bubble_cpu":14.8,"block":75.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":17.5,"fiber_queue":1.7,"capacity_wait":36.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":459259}}
server: cloudflare
age: 27588
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.007 unit-seconds used
timing-allow-origin: *
cf-ray: 829f7adaad0b23df-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
folkd0612.bubbleapps.io/package/static_js/88906d660c21b2b4c3ba13b093a78af44db1791524a2a91875849107520a3bd3/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/ 997 KB
108 KB 95ms
35ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/static_js/88906d660c21b2b4c3ba13b093a78af44db1791524a2a91875849107520a3bd3/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9c13cc428e876371e3b18e93626afff136c05dbcf4c1b1fd40acaf6a9302ceca

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":41.8,"percents":{"top":{"bubble_cpu":62.9,"block":28.1,"capacity_rl":0,"other_pause":0,"pre_fiber":8.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":100.8,"appserver_cache_misses_time":0,"redis":32.8,"fiber_queue":8.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":57,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":3945402}}
server: cloudflare
age: 20225
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.061 unit-seconds used
timing-allow-origin: *
cf-ray: 829f7adaad0523df-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
folkd0612.bubbleapps.io/package/dynamic_js/f4f624c373f4ae4155e7e868c8f1b88dce178e5cf9d82fec8f194b1770ea1b90/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/ 1 MB
162 KB 111ms
52ms Script
application/javascript 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/dynamic_js/f4f624c373f4ae4155e7e868c8f1b88dce178e5cf9d82fec8f194b1770ea1b90/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7444e5e9f69692f6a3f646ce26dc7321047b04dc25948308d08fed565b73f3f1

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":12.9,"percents":{"top":{"bubble_cpu":54.8,"block":38.3,"capacity_rl":0,"other_pause":0,"pre_fiber":3.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":20.7,"appserver_cache_misses_time":0,"redis":33.8,"fiber_queue":2.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1063019}}
server: cloudflare
age: 94633
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.016 unit-seconds used
timing-allow-origin: *
cf-ray: 829f7adaad0423df-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 iziToast.min.js Show response
cdn.jsdelivr.net/npm/izitoast@1.4/dist/js/ 18 KB
5 KB 90ms
36ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/izitoast@1.4/dist/js/iziToast.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1332
x-jsd-version: 1.4.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"4836-xv1TsKSrwrc/VQJeyyjS62Xbk9Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaAdmFsVVJ%2Fyl6wTjPV1BYypN9olI67t%2BsHu3ZuvKw7YU8YZ2id8tcpS49NLcyZrdmiVk4COQxcmZcqvFgUCmodEjpoh22nMwNpl7UcJyC8ZtFJjgZDLUVzmlHKiIglmo9CS%2FDLt45lup%2BZbwAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829f7adaaeb404aa-CDG

GET
H2 200 iziToast.min.css
cdn.jsdelivr.net/npm/izitoast@1.4/dist/css/ 41 KB
10 KB 87ms
33ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/izitoast@1.4/dist/css/iziToast.min.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1332
x-jsd-version: 1.4.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-ams21069-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"a221-0sbNVM+KbAQMKIRLMGVDt27quLg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpJoqdj2YPSQBqwcAsu2AfY3arVv1Ktcdv6POk%2B8PCAXLqovuLHjfx5foOUENg%2BU1K3Qkzq56IvoZ39SEPeZ42rvujhygiUTiQjT5Xi7RPGIH1EqWSkU3UgGVzWzMn9dM4bLbQenNRs5D4Ghjc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829f7adaaeb004aa-CDG

GET
H2 200 openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/ 2 KB
1 KB 86ms
32ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 38782
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230044-FRA, cache-mrs10568-MRS
x-jsd-version-type: branch
server: cloudflare
etag: W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pt8fGzgGcxQD52MvysNF6jTndmfpQQEJhiIeBlT57176l2l5jHL3XzALA%2FY4VzYhDJZguFLKQt4Fmofu1QbvM28rxxcS5R17SOcH6MsKpBHMuejII57po8tSAt8N8z56kRLXVLBGMw%2BqLSsVRDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829f7adaaeb104aa-CDG

GET
H2 200 xano.min.js Show response
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/ 32 KB
10 KB 88ms
35ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40113
x-jsd-version: 1.0.21
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220060-FRA, cache-ams21068-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5yQELp2IKF2EaiFebiqELzO7Sop6kr2ZAwo%2BJQQGXw%2BorzGAL7nwRFcOlU8k2Xj2wK%2FshZhv52VAGpi1bxWZ4tZRyGVkNljxd1%2B9PFn1Mkskr61VR8lM%2F5LqOv9%2B%2BaS6hjYS3ac%2FG4C7s1Wc3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829f7adaaeb604aa-CDG

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/site/5/d/ 56 KB
15 KB 720ms
580ms Script
application/javascript 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 82336376eedbb339b0b9e4cdaf2712ef637db4afe2bcab6a14bbfb4f80404980

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqw5gw3TJZLp6axESC5WOVmsq4RBexr_O_HbwCCBKmsd2CGBZD49NFyaOeWeOa-M4g2ffU
transfer-encoding: chunked
x-cache: EXPIRED
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1700632407212340
content-type: application/javascript
x-goog-hash: crc32c=u65XFg==, md5=pfiQZzBlOsbvawqcLtoBDw==
cache-control: max-age=7200
x-goog-stored-content-length: 56526
expires: Wed, 22 Nov 2023 09:32:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 85ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd0ac0b2b430d5454b0569611fdcc0102fa30d7fcf2b7e96f81b90045d953a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83376
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 07:32:41 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 556 KB
154 KB 63ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 07:32:40 GMT
via: 1.1 varnish
age: 9
x-cache: HIT
content-length: 157307
x-request-id: c078d0fc-11b6-4fb9-a78b-cff2f2c2a702
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 21 Nov 2023 22:18:21 GMT
server: Fastly
etag: "e28d4375fad3ffbfb5f7bdf0303a2787"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 89ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

391745d698a9b473b2246c5c425b2c0eefd8afeddb702284646be40f6f70d57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 07:32:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 07:32:41 GMT

GET
H2 200 data Show response
folkd.com/api/1.1/init/ 706 B
2 KB 608ms
608ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

a208496dfa326d37261c7bff8cec2b0213f3d391d61a11075ca12b485a6f4727

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://folkd.com/
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwNjM4MzYwfQ.0REEJKSUO7MnKsjT97Zw0dMWoY7G_w6IE-d6yJ4KMSA
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":27.8,"percents":{"top":{"bubble_cpu":17.3,"block":75.7,"capacity_rl":0,"other_pause":0,"pre_fiber":1.6},"sub":{"pp_userdb":10.8,"pp_wait_userdb":3.6,"http_request":0,"serverjson":2.8,"appserver_cache_misses_time":0,"redis":33.5,"fiber_queue":2.2,"capacity_wait":26.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6719374}}
x-vercel-id: fra1::mthvf-1700638361023-a128fe4043dd
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeDGgE%2Bi%2BPL2WHEwNx5q13xRp%2Bj5r9n1zAtdgEnnqa87%2BNdYH2BjEVvwaMHqJ5hiUJGDuh57paMOBuS7x6YuqRPHUrfIBS%2F9vaxPj7EDHM1DMwY6Zdzq44Nc8Pb2nbw3Et3KFU%2Fr1E7NnXGhqTa0VA%2BUs7XK33Ej9z%2BsDCY65uMCxkbTbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.103 unit-seconds used
cf-ray: 829f7adc8d5b6576-AMS
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 84ms
31ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/f4f624c373f4ae4155e7e868c8f1b88dce178e5cf9d82fec8f194b1770ea1b90/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 22 Nov 2023 07:32:41 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/ 50 KB
16 KB 65ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1144397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15241
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c9b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM37xevXVGW4fb8E1q4%2FnSSJ9M2CW%2BEAQDl9puOWOSYcusAs6L74CfLK%2Bt9X%2FDyyCIbcAFp7Ulm40xXH%2BjsHWqMKqXdoM5cexq5%2FIWp%2BsUXwlw5DDlNR67RbKGVxa0YGcl%2F6mu%2FEB3UDu5lbWtzrDiVy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829f7adf8c0601e3-ZRH
expires: Mon, 11 Nov 2024 07:32:41 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 92ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:43:58 GMT
x-content-type-options: nosniff
age: 445723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:43:58 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 99ms
52ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:22 GMT
x-content-type-options: nosniff
age: 399859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 16:28:22 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 65ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:53:46 GMT
x-content-type-options: nosniff
age: 337135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 09:53:46 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v34/ 14 KB
14 KB 123ms
81ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v34/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:18:41 GMT
x-content-type-options: nosniff
age: 342840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 19:35:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 08:18:41 GMT

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 114ms
73ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:06 GMT
x-content-type-options: nosniff
age: 461735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26244
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:17:06 GMT

GET
H2 200 L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 27 KB
27 KB 111ms
71ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:56:56 GMT
x-content-type-options: nosniff
age: 401745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27824
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 15:56:56 GMT

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 107ms
40ms Script
application/javascript 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: gzip
age: 2682
x-guploader-uploadid: ABPtcPriUz06Nmt1_50q9c8SMs43n4JOv3Ae6PK-vZSioNykh5AfalU8rRFVY9hFhS7j1LrfhRA
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-generation: 1598340963244234
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
expires: Sat, 16 Nov 2024 07:32:41 GMT

GET
H2 200 hysaayfb9e Show response
www.clarity.ms/tag/ 700 B
1 KB 203ms
113ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hysaayfb9e
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90f5184d022dacea92af2405c04a9246ec58975e59f41d4f6033320c9e4f9ae8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
date: Wed, 22 Nov 2023 07:32:41 GMT
x-azure-ref: 0ma5dZQAAAACGNueocB3SSLZqQt2HScqrWlJIRURHRTEzMDgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 700
expires: -1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 104ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1700638361464&gcd=11l1l1l1l1&dma=0&cid=381228326.1700638362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700638361&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=446
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/sitesplit/d3/smartzones/other/YAF-145-selectmedia/5/d/ 570 KB
162 KB 267ms
202ms Script
application/javascript 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/sitesplit/d3/smartzones/other/YAF-145-selectmedia/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: f565406d1d70700bd116bb757c8f4991058b9be7bb5832634f83396ed8d41c97

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPo8s8fykFSAj0Zqsbj_SDA6CiVZGlmI3aAo3Ki6rOJojTUK5A5lfXrCXELl3Yn2v9VfIN0
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1700632410576140
content-type: application/javascript
x-goog-hash: crc32c=4z/a/w==, md5=lhlfASMiKVgvxAysNWlfTQ==
cache-control: max-age=7200
x-goog-stored-content-length: 583523
expires: Wed, 22 Nov 2023 09:32:41 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 33D5 200 B
840 B 18ms
18ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6430122
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 07:32:41 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 130956
x-content-type-options: nosniff
x-request-id: 75fad2d8-f6b1-44c5-a72e-4e3158f53c72
x-served-by: cache-mxp6942-MXP

GET
H2 200 fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/ 75 KB
76 KB 33ms
32ms Font
font/woff2 2606:4700::6810:cc42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/ccdb0517651963f88c224b36bbd26ee556c34a35fbcc212fe97f31e8133b9755/folkd0612/live/index/xfalse/xfalse/run.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd0612.bubbleapps.io/package/run_css/ccdb0517651963f88c224b36bbd26ee556c34a35fbcc212fe97f31e8133b9755/folkd0612/live/index/xfalse/xfalse/run.css
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-bubble-perf: {"total":8.4,"percents":{"top":{"bubble_cpu":22,"block":71.2,"capacity_rl":0,"other_pause":0,"pre_fiber":4.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":52.2,"fiber_queue":4.8,"capacity_wait":13.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":277299}}
age: 1753946
x-powered-by: Express
x-bubble-capacity-used: 0.004 unit-seconds used
content-length: 77160
server: cloudflare
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 829f7ae22ac023df-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 2 KB
1 KB 103ms
37ms Image
image/svg+xml 104.16.137.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
x-amz-version-id: NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding: br
cf-cache-status: HIT
content-security-policy: script-src 'none'
x-amz-request-id: 1HG26VK2E955E9SR
age: 69129
x-amz-server-side-encryption: AES256
x-amz-meta-app-version: test
x-amz-id-2: fcAFiGc7xkEsxlb+DWpEIwvrzaMlQjjzOwaS51ktCUwXW9FShClJGiAKCjCzSCGH38gL+TuzSYI=
x-amz-meta-appname: folkd0612
last-modified: Mon, 20 Feb 2023 12:50:07 GMT
server: cloudflare
etag: W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=86400
cf-ray: 829f7ae40fb1f11c-CDG

POST
H2 200 hi Show response
folkd.com/user/ 57 B
934 B 634ms
632ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/hi

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

1916cddee60e4888519d06a0ddd77725d0c67b549f9c049fdfc1b02f2f90b094

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1700638361528x333431259932801340
X-Bubble-Fiber-ID: 1700638362295x516595378506875100
X-Bubble-PL: 1700638360532x1135
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwNjM4MzYwfQ.0REEJKSUO7MnKsjT97Zw0dMWoY7G_w6IE-d6yJ4KMSA
X-Bubble-Breaking-Revision: 5

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":15.5,"percents":{"top":{"bubble_cpu":13.9,"block":78.9,"capacity_rl":0,"other_pause":0,"pre_fiber":3.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":2.2,"appserver_cache_misses_time":0,"redis":43,"fiber_queue":2.4,"capacity_wait":34.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":322315}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.005 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::mthvf-1700638362309-31c8b495f531
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ty4GPtw5vQzoYv1kncRvFy1edWv2M4etub303bZ1kI%2BEdGFWBaIPFOcPF1MC79S08awr2xxTxnO9qKJ9qwiYd6rYqSI%2F07GUDDKjcQG0DmimIV3bPHBzacs0qm0d0%2Fi%2FztosmHRvTwQUVseY2MqSOnnqyejPkkRlH5SIZWEP5%2FqIo7c2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 15
cache-control: no-cache
cf-ray: 829f7ae48f133834-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
978 B 63ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950965
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7OhvOFHT6Aqz50dYnC7JHcBLq3hiHaxiTBj2amMGnTM6PzfFL0u9EzL75tQly3%2F7mLjEQ7zIEoRRYmqFG3isEjQUJkxaac8jUEeAGHKGwBHGquONQvp8IlDS1m72V%2FoTD4ma45CXMCRIlW3hYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae4ae5f04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
943 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950965
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tF%2FSMBsIrqMBPIUVTxVpmTCnTYQCmwo4CdEfhoZB3dEHNEhndoiHSFudIqykbRalkZdkDjOTH%2BIGFH2jLM9xIRF95ctypilVamxcjs%2F8Ijm5kAAYAY455s9vkIfakgEf5skiBThhQefwewp6CdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae4feae04a0-CDG

GET
H3 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
834 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1734921
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230126-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcE2SNYBlmqnG1PCuj9eqRv26MJs8%2FOXH6hN8wal6lq1aSz1n3JwOxURLj41OtPCTGmTYeW%2FzIdAWfFgeV%2Bvaa1kDsVRH6AiIITqCq8ihbkIftwkKrw6%2FS184BUN4BrnkxkjFDEyeohA%2Fjfhag4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae53ee204a0-CDG

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 33D5 631 B
555 B 18ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 07:32:42 GMT
via: 1.1 varnish
age: 6430123
x-cache: HIT
content-length: 399
x-request-id: c8484ee4-172a-4fdb-9cbb-01b737173529
x-served-by: cache-mxp6942-MXP
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 124092

GET
H3 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
841 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1734921
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230126-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJsLuPoU0sZ5DWIqon%2F%2F2LjfD%2FjczPKOuuOKwK%2FnjndD%2B94UqY5cXfmqHs%2FW5ZKlktB86k%2FHnDOLoH4A4tfiUuQVFgzBIksdyEP5CbeGCciMo%2FkcLlzTsS1VUgn0%2F9RJRxlco3WybLxPhLb%2F5QY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae57f3f04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
942 B 37ms
36ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950965
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKydq%2BxBrRreJLSf7Wlq0UCSYnBF0zau88OvAi05UCUkkekRzL4UIgzXggHt7ztdJQhiNvX05%2FUBOEQs0bwUIFPW2FepXfKaCLbGVmMdLobjS84OUZ5D9WKMC0yiRAKSTzA8JhGlgtYTPCEkFmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae58f5d04a0-CDG

POST
H2 200 mget Show response
folkd.com/elasticsearch/ 734 B
1 KB 277ms
276ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/elasticsearch/mget

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

5a6a90940be3c5fdfc01a9419ff10b7dfcc05199c4909868122af197ad67945e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1700638361528x333431259932801340
X-Bubble-Fiber-ID: 1700638362492x567166251113606400
X-Bubble-PL: 1700638360532x1135
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwNjM4MzYwfQ.0REEJKSUO7MnKsjT97Zw0dMWoY7G_w6IE-d6yJ4KMSA
X-Bubble-Breaking-Revision: 5

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":13.8,"percents":{"top":{"bubble_cpu":36.6,"block":59.6,"capacity_rl":0,"other_pause":0,"pre_fiber":3.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":4.9,"appserver_cache_misses_time":0,"redis":57.5,"fiber_queue":2.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":9,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":757673}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.012 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::xm4hx-1700638362502-50457eb0171e
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOTEQQfgkZLtzAThYrEaJqVl0lyIxiE%2BxWeB7uMXJlVlG84P%2BTof8%2FcLGe%2FFasoN2CubpTrPs3bXib5E3mqJNdybjJk18e46CqhPwQO8WFsAS59Qbrmhxa1ZE0aPA2iRkl0k2YoI5iaG3Lsd1yRrYfV%2FJdychLVYgYhTBSa%2BaAkqlAVwGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 14
cache-control: no-cache
cf-ray: 829f7ae5ede6426c-AMS
x-bubble-capacity-limit: 0 ms slower

OPTIONS
H2 200 me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame 0
0 506ms
176ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 07:32:42 GMT
expires: Sun, 24 Nov 2013 07:32:42 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

OPTIONS
H2 200 suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 501ms
174ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 07:32:42 GMT
expires: Sun, 24 Nov 2013 07:32:42 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 me Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ 162 B
691 B 235ms
216ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sun, 24 Nov 2013 07:32:43 GMT

GET
H2 200 suggestedTagsNew Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 4 KB
2 KB 239ms
220ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

2a98a4d357c7ee1fbb84e52b6e0d481aee68ed203b01a03ce9cbb8c5843abe11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sun, 24 Nov 2013 07:32:43 GMT

GET
H3 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
896 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4171
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA, cache-lcy-eglc8600052-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlCKjusZmYh7o4r0KdWjAB6TvIWnb83eY4AhBd0tcrU7JogIsV8Ft7U9ZFm%2BOY3x3asJfXzit87uTNwPV%2FX7Ysddz4Dm9aIs1GmbYlz8qdW%2FPJDUw%2FYqBWYXZXr4v4SJSg2Aw3AGpPNGidITKdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae6487204a0-CDG

GET
H3 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
894 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4171
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA, cache-lcy-eglc8600052-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ynLlaGjM1lF5zSWNjd433%2FFUmrNNTKzVgO2YIxImVrV2At4aafI1iyLMDJc%2BO2nh5oBoxxA4QdoCvRD304%2Fozyo5mGV1X%2FAuMjrZK9eKH6GMrES2bBt62ZrnsmJ57Kw8oKF4UW2hrOsR0fQ130%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7ae6587a04a0-CDG

GET
H2 200 logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 2 KB
830 B 36ms
36ms Image
image/svg+xml 104.16.137.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
x-amz-version-id: NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding: br
cf-cache-status: HIT
content-security-policy: script-src 'none'
x-amz-request-id: 1HG26VK2E955E9SR
age: 69129
x-amz-server-side-encryption: AES256
x-amz-meta-app-version: test
x-amz-id-2: fcAFiGc7xkEsxlb+DWpEIwvrzaMlQjjzOwaS51ktCUwXW9FShClJGiAKCjCzSCGH38gL+TuzSYI=
x-amz-meta-appname: folkd0612
last-modified: Mon, 20 Feb 2023 12:50:07 GMT
server: cloudflare
etag: W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=86400
cf-ray: 829f7ae67a83f11c-CDG

POST
H2 200 csp-report
q.stripe.com/ Frame 33D5 0
718 B 565ms
183ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700638363112414
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700638363111976
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 33D5 0
716 B 573ms
190ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700638363113037
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700638363112016
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 34 KB
9 KB 340ms
321ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1700638362669

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

f465383b81584f551cea0601a50393a568fbd4f63927be670b1af1af98042c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sun, 24 Nov 2013 07:32:43 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 170ms
22ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 20:04:34 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 9E95 930 B
2 KB 101ms
37ms Document
text/html 2600:9000:2057:2000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 54
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 07:31:49 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id: H9r_WTpjDm6TJtLcNvGn6F7YCQNnKJahCeqEQ3pMcfevZkmBOhvrLA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 0543 3 KB
2 KB 117ms
45ms Document
text/html 2a01:7e00:1::b903:5c4c
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-origin: *
age: 0
cache-control: max-age=31104000 public
connection: close
content-encoding: gzip
content-type: text/html
date: Wed, 22 Nov 2023 07:32:42 GMT
expires: Sat, 16 Nov 2024 07:32:42 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1598340969597109
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-guploader-uploadid: ABPtcPoQGUAm3Bm_oeFe-Rc_r_HkDM0FiC1eFkJrmN2lDJ7EX8qpSOxtAZKpzZSkmWPU-HVTMCM

POST
H2 200 m Show response
folkd.com/user/ 4 B
956 B 267ms
267ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/m

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1700638362764x323067129074224000
X-Bubble-PL: 1700638360532x1135
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwNjM4MzYwfQ.0REEJKSUO7MnKsjT97Zw0dMWoY7G_w6IE-d6yJ4KMSA
X-Bubble-Breaking-Revision: 5

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":19.6,"percents":{"top":{"bubble_cpu":18.1,"block":62,"capacity_rl":0,"other_pause":0,"pre_fiber":4.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":33.4,"fiber_queue":2.7,"capacity_wait":25.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":531762}}
x-vercel-id: fra1::pcdpg-1700638362774-28c4df9d2222
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDSdlFE5N0MWYu16RiPwRc36N4PKVOnAmPfp%2BBAmz%2B9WbP6BzWbkCqa7s%2FEy7cPqwAJ%2BRfqNSI2%2Ftzqejc5evbXU5Y20egaQQ71xD7IY1bfuO92%2Bziq1xCJOwrz7IYCNda4KzMwFD4pTo2EWhVcrNdQrKlpTOzulRGt9Vi6Nrz67aOIDAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.008 unit-seconds used
cf-ray: 829f7ae77b50381f-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
20 KB 23ms
22ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
x-azure-ref-originshield: 0gqtcZQAAAAAe7EBXm9u0S78jgma7lD4XRlJBMjMxMDUwNDE3MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBE772F014B026"
x-azure-ref: 0mq5dZQAAAAC7l0PW3MuXTqc81hYxzFPOWlJIRURHRTEzMDgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 36807f27-701e-0063-09b9-1bb320000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 452 KB
94 KB 142ms
46ms Script
text/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72d18baa0d48256379d7e6616226233e128d21d5dc01932db2213d4476c55d7d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 00:03:53 GMT
server: cloudflare
x-amz-request-id: 1HYA1W1GV9R3FG7Y
age: 314
etag: W/"36139f2c47a3e3cbc233bbdae7061ddd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 829f7ae81c572397-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3gCnHZ6L57o3XtfL208mdNcHbSqbu3b13/PBBGeUCyNa1vRWxmHIeetRFq/xK8z1afX+oK3QuN4=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 216ms
119ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d37428c6f753f05d086f89607b514a4ba4329e950fefbc6baafb269ac37fdef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30576
x-xss-protection: 0
server: cafe
etag: 578 / 19683 / 31079744 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:42 GMT

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 344ms
175ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1700638362669

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 07:32:42 GMT
expires: Sun, 24 Nov 2013 07:32:42 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 396ms
117ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Wed, 22 Nov 2023 07:32:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 csp-report
q.stripe.com/ Frame 9E95 0
491 B 223ms
190ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700638363192914
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1700638363192474
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 9E95 87 KB
15 KB 44ms
23ms Script
text/javascript 2600:9000:2057:2000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:28:44 GMT
content-encoding: br
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 240
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: LGIdII9NMolzQTaN1RfOixwsbSNhqIYDe7qeVxyvpmvHwxBBKn_BXw==

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
530 B 143ms
27ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=p.d.l&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866369
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 87ms
48ms Script
application/javascript 2606:4700:4400::ac40:90a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: V56T6WNWVZ98A02D
age: 1238261
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 829f7ae9df102397-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: g9yZ2ceZ5NsRJ5Fk/EJ1qEJkIKPIU7jlfU671KpXAwP+Idw05wEbM2Slau5BhJPxmqLbrqrVOdU=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 431 KB
135 KB 41ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58969
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 15:09:54 GMT

POST
H2 200 apm Show response
folkd.com/user/ 4 B
964 B 676ms
670ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/apm

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1700638363327x348705642330980200
X-Bubble-PL: 1700638360532x1135
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwNjM4MzYwfQ.0REEJKSUO7MnKsjT97Zw0dMWoY7G_w6IE-d6yJ4KMSA
X-Bubble-Breaking-Revision: 5

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":37.2,"percents":{"top":{"bubble_cpu":12.2,"block":13.2,"capacity_rl":0,"other_pause":0,"pre_fiber":74.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":12.7,"fiber_queue":0.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":679752}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.01 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::mthvf-1700638363357-0139d7645f91
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPDBajw8vQsSlhgksdJrGYsuQ%2Fa%2BQ64y7F064S%2FhgfwAWjCCPhY%2FiYMH5EckgfpWPKBwvJsZqNugBee5vkG6L2hkMHN5aSC%2F4Gbwn0JJU8ZNo6OstgVHCT%2FC8%2BUCMVzMRL2TchAGICNb22AYylA9FozbfwRmAVHODLNoB28%2BJ%2FosGa%2FUPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 37
cache-control: no-cache
cf-ray: 829f7aeb2df1914c-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H2 200 6 Show response
m.stripe.com/ Frame 9E95 156 B
670 B 571ms
186ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

58ff86ea9d4d7f9d0515bcfb43746d38824192bda31d81d43a45833c021d2e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700638363831228
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700638363830964
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 28ms
20ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=i.r&u=JYM01M&d=%7B%22auPath%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDW.A%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866369
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 26ms
18ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866369
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
783 B 52ms
43ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2861
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AUUUlK3AuXtaHD1dOWa77YCenp%2F3Y5Nw9dt3ljqBjcV3dpV%2BOyteg6CzwmiVBGNLmoQtvyWMH3tBmEyozzJZ%2BAXBu2ET8sBqGg7tTZi8xayIgyU7Q2Qg2uuKcuto3SuIhfjrOqyZBnyqaitBbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 829f7aec38a104aa-CDG

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 156 KB
34 KB 115ms
40ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab709475ac54d39d8c7b123b4ba8dacb8f2b9f61f1c82a888115c5fe86ef695

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 16:21:00 GMT
server: cloudflare
x-amz-request-id: X8W51KEA6Y6PC03E
age: 1467
etag: W/"9391f2de0f47103f7dd948a8fdf8a53f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 829f7aec98a3ba97-MXP
x-amz-id-2: Pn6rMVIWiTWQJxichwNUSKF8k0U7AOejIcVyzNncA83NLrTN5QJqLAbOwEPtn2DelD+/tMEfODc=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 87ms
19ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 23:05:33 GMT
content-encoding: gzip
age: 808030
x-guploader-uploadid: ABPtcPq1Jl-aO9BF9lNu46pS0qpg_SMiW0blRZMTVfGJTUbTsHwLRnd2S7fOjoW1J99JGW2YhMMsZpJ1ndluuDfSZzHbVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 11 Nov 2024 23:05:33 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 146ms
61ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 23 Nov 2023 07:32:43 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 113ms
30ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 86064
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: x3n8txQZgsMbWM0-LXU5-1LxixgwWx11N4vTJ0AE9oW9bARVpifFrw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 113ms
31ms Script
text/javascript 2600:9000:2250:e800:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e800:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 21 Nov 2023 10:03:28 GMT
Via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 77356
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: BMdexDg00yDxc6XOZ8OicGnYq7jj3RY79D5UHvWhTfJyQyvM050JpQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 110ms
47ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 3c402dd48c4b9f9d5c6ed5cec5330d36
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
51 KB 444ms
443ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=3280176310645758&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638363523&lmt=1700638363&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEhkKCnB1YmNpZC5vcmcY957Ir78xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPieyK-_MUgAUgIIZBIUCgVvcGVueBj4nsivvzFIAFICCGQSGQoKdWlkYXBpLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj3nsivvzFIAFICCGQ.&dlt=1700638360670&idt=1869&prev_scp=sesspv_refresh%3D0_0%26refresh_count%3D0%26pos%3D1%26tabVisibilityState%3Dvisible&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c452287277338bb066408546c8c571ad1de50769b102e84c61311b8d7573e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52545
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC46 6 KB
3 KB 164ms
73ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 39 KB
13 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl_page_level_ads.js?cb=31079744

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 18:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46456
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13749
x-xss-protection: 0
server: cafe
etag: 15176684494565588641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 20 Nov 2024 18:38:27 GMT

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
946 B 48ms
47ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJAQTdrFjacoOPpVo%2BLTTgnBgJBuKCqLJx4l8i0xQK0JQkzWHrvYDnK4NiZ%2FZvgcfviduKPPqiW0R%2F7OvR78g3JMEE2q38Ho71EeUAmhmWWgn4n%2FdzIfgBUGQ9qIoD%2Bu5uJo0KWlnV97wGw2cU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed186c04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
942 B 44ms
44ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WPEpStt%2FBg7A2Deu2UiZsP06CtAV2DDQqtYbdhvfLtQFfsKN0GpL7AFsD7oYOS8GLbQodqsYM8d%2BU%2F63PK%2BdpVKEliv6nkOT5lfl9dXgWZmi31LqB47lMbjti7SBBjRJbFaVynQStPQ0ASUu7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed186d04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
941 B 40ms
40ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1g7gGI08cOzBmM7HP2RT%2BsaDpCdc3Fy1pjTeA0Zxj2hBYE08UDD5exMmooU4QuADY35jcZirPoVkEjQuTTl1M3NSl2lzwF2VDepFg2PeMv0SmniULhVNqe%2FszkIivJ2PeGDRcm1vlZxACLYIY%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed186f04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
947 B 38ms
38ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH1oc6UnkCWP7ubrp%2BcZE6dU3hYjKdGTopPHccujRK9mU0dPN5tMMiVUrM56GM7MjxoGzCHpGI6lMdHUmHeumfNukJLPIi4Fnn3gKdW%2BfMnXwqL7rwAhJtPH3N%2F%2BIdp5HHpjeE0NcE%2FCCyBQg%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed187004a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
946 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsPiZcRb9iJW6JDdjxVWtD2YyxwXqqcjfdjnESMzlcXlm7R%2Fwo3oR7%2F5GM%2BiKTseNAGvOfryJV85fbmfb4xdxcZS4jWkxd7BaED5ai5gYezWZaQ0A%2BD2FCuZQTPKMMV%2FtmDcVIGWh9ZKksCHiYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed187304a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
954 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edCygm2WO2FDLSRd%2BGvxP9OnkcBfv%2FrMi%2FXhEyxpvFm%2BfeGc%2F9ZIH6oH%2FYOGGAA8huRT1tRcQcNdr46Jl%2FBpSletf8P%2FE3ofAJ1Ag2PVwUNo%2FuXHH1jcKuPgQEL7hTU4Qxd%2BVEZkTVWJ3Kpd5%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed287904a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
946 B 35ms
35ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha3CBwvX0dZM1TJjgyBDgqr50Q3PM2XYoAkodOH8OmIeaNVvpqUPxQ9vihjGNlM%2B0Q5Ajp5luUePBQLakAfIJjAT4QNtzZ7QtAx1wk%2BhXkCS0XIUOPXCo%2F61dtBAS6w5rv%2FqD2WU8%2FtnQMjM5tM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed288104a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
948 B 37ms
36ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CszjFxWxL%2FQynT17aL7jrFDipsPjb6BVkNO9RBQ%2BmyWtQfsJEOLBi7nic%2Fd0y0ZOrzYgJIKbBHnCSNVJDx4OuJSDY%2BuDPgaHriGdDIfke%2Bbisjh3xkaoqj13%2FoLYRA77tv%2FhRa9ZzuPdE3fCRcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed48a604a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
945 B 34ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlM%2FpnaNlhzcqLKYBXTwqwaNz%2FbDZpwG9202BUo%2Fj%2BmhXum%2FI0eaBGdJZlBZ2dpV2tTgb5w2xKlM%2Boswphs383g7GOnsC88497I1glfKMatdhVhTPRE4afCCsnj4EKnvW91IQH65xtjl2FdKTQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed58b204a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
944 B 33ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8ZsZlH5jwP7Yemnncvr4Dg3eiHKBN2mnUzNU0wGsXBSyxcEjNUwzVJB4B4UDjkuy%2F3kko64hwQNOn0s455Ynp0M6SOt%2BdnScXQs7CGYVa40LoIFpp1rE2%2B8%2FrQ3wpqeZ3qniwUmsPgTcqGg07I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed78d004a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
943 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX%2BtBFhFEwJvSzvscDTM%2Flpf6LLSJ8i1bTDRLtI2paogaphIaXRjCmlCe8LmldgCsPeknhtAXyFDqzCk5hubBZ1e%2BJgDhNWjrPysj6nkw8RZldPvZMYUNndy6mqnB4Jyweo6BqCzB9M1I0ScKmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed78d204a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
941 B 36ms
36ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHGUN15BQC%2BED8Tpwl60vREhiY5TdRTFowkJ4up0VNJOtcmqPU5tRWHJoffoIoprT9cau48AsZ06aGpWBHk1lhM71KO7uC3D2WlVYLHIxyS%2B0z7jY7n9%2FQMqkmznADavhoIoFiBBi6wrtJKaC8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed78d804a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
941 B 37ms
35ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WUkuL6ODsuS330race0Pz5aj8T5pmS6IWD3nc4Msrn9KTTCa9kLfzO%2BAaXwFudFPcuW1NWw2%2BemPJYajGprytVX1csUz7wnRq1DmFLxy2p9FTDqjaxbu4PGFZclq%2BRRyioHkAyOIjkr7N4Lqt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed78de04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
943 B 48ms
44ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFzbxDd5to743nGB0l8M2Ts4LMuR3oKNmdFJ0Tdw5%2BOidoY9HtqBcfWdHMZXvqCKZ5AoQe9yYNWxOswLOk%2FANxarkLyKMED7DQMApewkLCsRn6zvRiLitf1QOfpY3FI%2BQJzum63d4P6SMzwdLSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed78e804a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
943 B 46ms
44ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yfMDGIf4ebBN7nI5dvzhHsBEkr3N5lbOnWtnz0zGsxxzLa4SH4n%2FNRF6gW2kKFiDFBl2m0Fd3Eeb5w19%2BpXVaGQN0Tt7UE6PFD%2FWj1jRmfoTEPWDT5ZNLB960iGjlRnlFykEP1ugbJ4az%2Bg6A0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed88e904a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
946 B 35ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1tJ6I86rO8oyDj4xvsFX7aNeIRyQ4DSmZuybIG%2BrDPk7razzPE0nbh43pxMV1g0%2F4%2FBj%2BOCQfT4gw6ATqSXwFRIphzSSuxkmCTOs6h0xsNkE0Rf8TT3MgEKmHPcL8V26rnVMN2caA%2BCxxZM784%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed88ea04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
941 B 43ms
43ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJSDu7hOm%2BQvO%2BfFrktbTBpncbrT3oZuwhvCxrGI61MfpiK2BqurcPS2VfDJJ17QqyHWoIQAxN8lQp32aNNJyClDIYPSDe42xbMF0vxSG2MaxRaxRSaMT2BmmB5NFVTxV8FZYyrz7Gg3ztoYl0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed88ed04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
945 B 46ms
46ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950966
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jMs1bc2MQ7FUFvbEn1jUm3qb%2FMbBeJraXZCPEO9anBk5bu6vmrpDx8m9%2FCsHCNtBzjtRAYVrUozR2va%2BYK59zGNdsVpqRSF2Nz2D%2FruUq9uNoiJMA5zMKMx7gMNCeHx4e1mCjw5pM%2Fw0BZo6cs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7aed88f304a0-CDG

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 160ms
160ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1700638362669

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 07:32:44 GMT
expires: Sun, 24 Nov 2013 07:32:44 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 34 KB
9 KB 219ms
218ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1700638362669

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

0f858701b04fbf281fa89cff16a7aff239b2965f8c49eb26e96c6c3247128789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sun, 24 Nov 2013 07:32:44 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 16ms
16ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866370
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
23 KB 368ms
367ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=4091564241132716&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638364158&lmt=1700638364&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=0&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=494828697&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ee89ca5e71b351597d0bcfa53a6629cf0d395671a2ea97b1978f62ef32585a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23408
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 L0x-DF02iFML4hGCyMqrbS10ig.woff2
fonts.gstatic.com/s/urbanist/v15/ 16 KB
16 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqrbS10ig.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 02:34:12 GMT
x-content-type-options: nosniff
age: 363512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16284
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 02:34:12 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 78 KB
78 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:00 GMT
x-content-type-options: nosniff
age: 461744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:17:00 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 10 KB
10 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:26:27 GMT
x-content-type-options: nosniff
age: 313577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10540
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:48:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 16:26:27 GMT

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
916 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGgbhCtgAT17Db%2FgZ1rAsZ7M4Bfn3LG4GUvmKKBdV9JH8%2FwmLV1ZcOo2u70RaGt54ug4BrWZzrxYYs51rT0Ow50JoZd5wwmptsui%2FCgCQt7y%2FVOXQoLCEPOXG2VsUFUfl9nWmgRTFEqavetGyOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af61ada04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
910 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQCX2jQIguYsdHoOzl7dDwx%2Fhde6SHktufJIJqmmx7Dumiw%2BfWJgHBl06LMYzk5WC6Nvd%2FvGJNRgopJDEP1ad5vxCBhxdu7meR8BbLNCK%2FFYC1QFxkGW7jvRw8S5PRBvyTPW1bTvrqiZdrnCVGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af61adf04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
930 B 33ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmZbEKi9laRQDyWF%2FkWUiJB%2BC4kbIvW1Od6GKEenRt44TDcBkv2iqsF31dYgprGkQe01%2BRFcFiNzBGOKKSw8MW%2B%2FTJp7kJmpxIXw%2BloAkQxmiW8KdICdNSq1BXBE1%2BgB97dZYVqPXkXfbjS4IP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af62aeb04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
916 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XAiNjQScQU%2B4T8U3Uc4gLh3vbR9acdvKTsOUI7HHulN8bVzy1QyFtrTjyWB%2Fv0FI0VqK1GjsVE2tAdoB2yo2qBGLFFSIbahb4TItzGvHoO2fHKdklHvFxwjgacZasWfXlkqfw%2Bqdn0eop%2B54VE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af62af104a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
906 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDPmrcQrHCHUm7sZhxi3JOF6krWdVI0QUQtwxmM28D3s4rAoxFjx2cseIyLwWETvsNi1s5CI72ffHayDMdIUEgkoWBtkK9okoLpalNkRQ5XZHptRuGfKs%2BZ%2FFLqHmV%2BVaHO6kiTbuOWR7LRxddE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af63b0a04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
926 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4yE5kp8It%2B5FagPCdDfRIhgvlPIrqXdGUdidXzgLZIvY7H41KWZyowMiLbkhahBPPe86azBB%2Bxx9uU%2BHO%2FZJSvyrmwimsdARbzG7mLs56ArpilbNf%2B1K4qlA3%2FJafVk13LhaWDx2Bi26kgiNBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af63b2c04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
912 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRBwbTwdW8tQij16IHWIiKJNA7BBFd%2BpsFTb5xzmWz4tJ53gnXjzbBefbdDI1iXRPmWozad7XLkmEcVmDnxpLbi5dkoGfaoi4tfs7RBV1%2FQDn0I3coE87n9A6hFP60L7MPX5mOW1LJtkY99xSas%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af64b3704a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
906 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxeQUsSGF3yiGDLg7NHa1XgPFUcoNE71D141HoInyFow%2FJ4mT7lf7J7eavAvCdZEcenw4Erhd%2BNDE4p0z2Qrf5K7nYSWOi8WYBUGMiWqQq5uXqfvFt0D%2FDw9sv69nuUoNfqFy6ncuP4fKJnOLrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af64b3b04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
928 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOQ4akGsiXVyhtKPJjmy3WhoC7M8nTi%2FxVzz9AhXjQbWfDTXOkcLe1S5pb%2Bxdt75BN3vJ7gPAnJVyAn6wWg%2FmpyRZ2ueb0WYuboq5PyRBZ%2F4BNFVmE26Xs8F6DYHNnDwhELiyBiji%2B%2Blq9LEmXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af64b3d04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
921 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxGaqsqA0v1e8eNAZRbI2MUKeaVuE5MvbG4nwKnW5BDOj6iddArBIN29z9X%2FgWwl4VJIVZpDCQ4zGu8jdOzhrxmu267v%2BQ%2BDRj8HBdlLaq%2B5%2FsegMRknWEleca289B25QxmmbdTVM3qPP%2B6EOZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af65b4304a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
909 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBJJxKYJmjk46BLF6%2BfPAek0Hks8FG61qsnHoqxXdIKp6%2F7iKOk8t2DWH0ngmI7ep81U8e%2FxemltPTTSekA52TDFKliZrjRlb1UGrKKUSDfXuJ7c9iT77fRTmTxqIXbAiMXMZMIb%2FjRmSq%2BKBh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af65b4c04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
923 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtO0RUAXo7ClDpxDCqABwn8%2F05e85iiVZm7YEB93ORNycGlaEACXO%2BFN5ulSG6GdR6hwVT5AIaS0a75PSni00HV6B%2BosS16o9hFFrHr70m3x8az9YwMx0Ge%2BMPvodRQACDvgdEpaqMulP4O0gtk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af66b4f04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
920 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXoKlDKU%2FfA0SmehX2fcZACoU1SA2ciRqV4lT70ybE3PjKAB0%2BzU1pw8Y6ZJRM8t8bcwHENPUfcSfMmSd%2FxqgEWDte6RhUGPqZhxrjuGMwoyW92WXRhk%2Fjl%2BFjLLwQTBiwyOsD4WUkZdPVZ3frU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af66b5a04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
915 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sex9i%2Fd%2BAWEWslVIcjf8u1I71hz5So45MAN%2FJq%2BpZgMI3C07GwkoTMhmKDUneHloGHhDw8DpxPMwK%2BJ8Wn7Onw0wjRjM%2Bu7H%2F398yEM8uvpCa39h1jUMG%2FYOjWR3bYeDC2GYX%2BdVqOTiaBWt0Zg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af67b5c04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
918 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N3dfRjTiF2zWzwRv8I213z1axqLU6kx6Xe8S61bFgs3n4me5g66vCH6maBubScpe5u1XbifslAJ8zbiSPuxvYUyXUkaYmkoqn0eTsMYkcBFcR%2BDR0wKSk4wKfpzNsFTs3UzczKC9KTeWPsw1Og%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af67b6504a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
915 B 35ms
35ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3P495wzBoea3DntsM51iNJQyfyxIEwlQCLZhED1csCYzlFgum3g05BAVRqmxCCq1lJxP39eD7JPn4Njqd8M0iufxavzfp6MN7CMwtJ%2BCbjIyDW3MXZOeHDrd%2BmdUB%2FiQxHYXQ3yyoeMpP2VU4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af67b6f04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
910 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzkuJdk67MQh8N2wE9%2F6goUNuhF5uZMGSI0IjuDNeLHankYUGa9i92UbgFgKy9zro%2BSKbV6JKyCHE4eDlmQhjoQygXmiK0%2BH%2FoBSEcm7h6tm%2BqM1lI3JesCGYuw9Vxjye99%2B0Calqzmh4tEPPq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af68b7304a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
922 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSJ3wVay3dUilZMjgkvsezVuJPveJ5hMzYoeqaoaT%2FQIk0xkB1XSE059AIwlfFn7qR0Y3jBywf2pbKDdgGRecpefXhjtTK6D5Cwj2ALo4Fm%2F407EWRy8Lr8%2BXvm68UwKyoSBN2x06u9OohSqvoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af68b7f04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
919 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuwHXNljI%2FNZUEx65GVlgletyCAqneaXE9B2Kt377E1CSzBeNEruGa9%2BuqPJ6Ng4bSu8%2BsmsY7l2JIOxOAq8ryUfZBzrp9Tg1PLbmwcgoBV4%2Fh8qv66oOu9OpWed%2FQfnuKXO4XLz0l1LA250%2B00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af69b8e04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
910 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCcwbiPbPILDv5lEZivlHz2GQTPK%2FH5bf%2ByAU7s7wuV0695RyZtQryl9kX0FJ2sXKg6oI%2FUr3xwNBF608KzHyjFaGBUbYkCp9g%2B55TupVB5Vz416FSOCDDBFOLyJO3SkcCIJKQQXZuXfcbfvffo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af69b9f04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
926 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWJIjqdGyIiSXT6sF3jLxyvdl4IbAbgwK1CLBoTkGEuJPbiI%2Bxj1%2BhFjOqSGwG9hKt%2FqOpbu3qXdGgnso1lodqgfJ3bqjWx7lxZG%2BVGPuufHF40xl%2FfQMGFGlZ6axmb2dMNC0POkdgOBUg2Jcwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af69ba404a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
923 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz1%2FBeJK2Gzo1cFsvKNJVYSn8XizTXB%2Bw%2BqS%2FFygjQWCnYdXp%2B5d4luDHulyTqEezdtzxrBxs6wiXqXQqqWcwaxXIXF3g59bjxy58p5THoC3TZZh0vD5ENldoCH3%2BY1vQ3rP59gV9gn%2B8iGjuUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6abb004a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
914 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r%2Fk%2BfZnDzU2AoaJK%2B3jHqOqJcSL%2BLdwHXdw%2BrR%2BTVTLmcwv23dg3c0OMFeltZbJv8yHckfBF7xbgu9weAouDHfhq%2F%2Bix4qLucGaSs11ew6d6MPnJcbqN77gEYJY7f2pVAeTUsHVG%2FLOEc4Ehxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6abb304a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
926 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0wIWeKxNjIK89CaRTGDqnkmljZL%2F%2BKujegd1z67sLBP6NNd7Z4lwaVCaTkCLfkUOfNYPj4mrxQlKA2RE%2BmFaPR2Iihx0FdUlL5Ij0vmqXbuw8NC4G%2FqhpXed0Y0%2FQlqmZQnvagarfsL9wlU3mY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6abb704a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
917 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrW4%2BR%2FI9Jpv0ioYwSFDCQDC%2BNjdby6K4E2OMJGz4imOzA7utx3xMVdhPXtUwPufzXJa4s2gB7Aaqbba3%2FfBT4vstwRNTbLrYwHS22H1I5Q1QULxqVFweUR1qUzQLgMSLTuVijU8fdStrQIaHvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6bbc204a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
907 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhGyj33fg91w7s0fg8N9UGCQeUi1zpS%2B08pJ9XAfjgO12Xd%2BOgW7kFXD2z1fXifvn1XIem1GpAALkfyWYKz%2Bxj1ZT6whhPCXWVdnL2xP0jEcW7bOzFQ8RWJO4RUnhy5UwxKrbeP4fJ3FY7xMUQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6bbc504a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
924 B 34ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYit2mBlNU%2BJ1HjVaZA7Nai3yx%2BWvvpxn1iWCglxrYR%2FAjJgYflDhQLVcLpgQIY3%2FVJa0AYELuvtAO8RTo9DLGuD97ByIE5eHh5t%2FePZLq9t5AxITS2xLqFn9Zs8cdbaby1oMxTd0MNM9y2R0W8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6cbcc04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
919 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DznD8Yt%2BGukL8Xnz8gH6ObvRMXvj3fP96NVH6Ubh8G%2FuB%2Fm56y%2F28jQ9nmDz8qY5W6kvJY9ji2LcfC866HfetMqqYlMuYjhH8%2F2Rgzkaidzhji%2FR8VpCt522ib4MJSRlVSig9crPhRN7TgZ3vZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6cbd204a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
916 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjO%2FKXgMrTnHLSYmsH9xXmSNS%2FZhWpgWq%2Ff%2F%2FKPAVii%2BYiYSyjbhn%2FN5GoNQA6V5x1VW7slWkWHvz0L049zKgUf58JDSgjtettq4JqkRZqZCoXncP9voIqgaB9d%2F07kttzzBSXAOI5z2rdI6%2BxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6cbd704a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
922 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=El1DEi%2F7NNb0c9wmBwVmeZf6Spp1Ht6F5P9mr6uAso%2B1BRXuQb95EReh6ZA6GocrTW4%2Fd9Y9Iwr1Fq14mORhcuNwVvni7uvwbuQBd9xCh0spJeryvr0qm6MMEYh%2B1Xx77ZP4LYYvyeb9N621Wb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6dbdb04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
921 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyQbHAjlGC6lJqOMOwylq2tCTKqklshHb1l1LwTU9XpCk6KNXm08BceJWfxdFDjPqfj%2F1O4oJw%2Fs3IyEjOoA%2FxfJEWpHGcHlpUNTS%2F%2FB5xsewk3glZM%2FaYtpbnvn9xBboBwt6eIF4ybe%2BuWUD4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6dbe104a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
908 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wKLgf8JwvhIYyZN5Cx3w%2F9wifeF2K8C0hXNQx%2BkJ28WFv3HphJl79di0VT5t16ecZ0GtRIZbKN1pNK2z5Mf7wHAMPxdANkkYHJiQ520NWBcwlGIHtjn%2BMSCD5jWPGsbPBFSmMTVZzYyZeYHqQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af6dbe404a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
918 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLgcoXPojhoyRc4GWo951zx5HldftDX3XnmaSD4rKGBrgLvsXPMi6IWV4lZPtbiKmDIA%2BwM78dEca99nDEnB9bskzEL8ChSxHnMssKuuDRv5hRdhcGJEt51nWyuZFQW7yYcpcp2D3iEqjJ8UMEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af71c1a04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
916 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzIy9V0sCxikMbI5Es57nZzmowZ6cezVVr0cnfZsA0XuF2XkQlZ3p8zSjMl1Vv6YLUvwAaaY%2FU12vGk5%2BO7WeA6SZP3mrSCIANsYfcCO3WAOG6PuM9yYJDHXwjp%2FMBxfCCBVf3mp05RydTJHxjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af71c1d04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
909 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADQVJFc9rWwv6fHycyiLk%2BKcC9oAr8DKJNXRSHVbvU%2FLkRIJFHMD5frba6%2F1NBvMgV3RXf8ghzm3V2DWTv71eZC4CNt4ypLHwo43hhOaK3AWy%2Fz1pgAhaifZT06BYd0W%2BhthSWITDV12Ksm69T8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af71c1e04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
924 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5gwU%2FNi0SYim9NLO3kfc5Bm2gjBsxJdicqc0Qzi0Gw3VbPdXfIMJHmzBbLlV6h80xiA9h7b1H3VGs0wU5G060ju4fz%2BAVxU7yUY%2B3jDwJ1MClipw%2BFNpFguYwSGvHq63NKor9uMtuTtd4bRUx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af72c3004a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
920 B 35ms
35ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnYJSWThY5Aq%2FZ9QZY7gDyJfoMnhsyxW%2Bs8lilgcv%2BYYNJ2S%2B0QPuda10DIe3gdOir3BXpD8vd4V0tY0BL6%2Bf6cuP8ZBspJJtVpXbTpBQB22qJf1NuIND0%2BcJstcw6fLe%2FAiXlThVD3Y4MI6GU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af72c3804a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
914 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcBmgNHdeT4lmokLIq6ZEEwvolzC%2FE8pBaCJJxswjpquye%2BTkM0A%2B%2FLo8mMIUO4GCOLJqvaVkypCMA%2FGF6S%2FUEKBQI69LA7lghpnqxcpw3GHqxZeq6PBzOmutAoTyvR5T0e%2FHVNn649lZJwQNho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af72c3b04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
929 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ%2BOJEkgcmA7alk7xjM3FOVkZVoNa9k0K16SH%2BNGPejmm1gLDZbfGj9EfBg3xa0DRpVjODWaXd94XWm%2FzRRU2dhMRj7a%2FHRMv3%2Be0OHFoRutnSmpNxlK%2FWqUQJ3ncZMOWMf3pK%2FS0KN1U6HwD34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af73c4504a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
913 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtIonf8Ax%2Bg5C18fX2Zi6b0hbUW3Ilgd0i4x3v5ElW3ZA6LALokU8yYxuoLtZ8k0cbPe1vaf79MEi%2BF7S7dKsY6AA1IvrRUe1nNPsIBMqc3Cwzzb8O0zNbxOObyEVKvZ1TdYndmMzKZyE5rfiGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af73c4804a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
910 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95BnzpL%2Bc%2BYOCuoxIReFKH3KaY%2FHlDHsiRDAGiSMVFBCrdBaB9RKfksS9skC3zlT2ipVhteDS1TPt%2FNX8CgE8usUEkuv1w7MWc65VV9Jv1E%2BRq8NqKUmFpvbu%2Fn3OzLuoo0n8wNjRcZrQ9L2Sok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af73c4b04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
926 B 33ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeQZQ8pwW%2F5kQ27GOEg7wS19T1AVtWmwbxUh8O%2FLF9Jb6SmLbj10TcxsbxLC%2BumKg6VQyi4f0OkEfkTKPlytP60K2nxXhI4IDq45%2BL0LkCDGTHFQw0h2qxJJMkLBh149yO3fOT3FU5%2BgVpm3fIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af74c7c04a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
913 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMtPMovWXj4OcbFsGbUgY0FMwHTU1xbWQ4tvIlF7OvNkicI8fnvgoqfkTwnB%2BRy3VajcsrK1lKwCHDR7m%2BNojXPI1rjUkm2C3cczppABtfl74i19J6EgLj8PAnCV6c0FITLXORbIWV3iyqaBGAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af75c7f04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
911 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECXG%2BSH6O%2Fwy1eHtUQyEQnSmff40%2FYP2%2Br0S41SIdb%2FJI1lHLuiqLkL9tQQzjlDwJrjjCAGhxXkaMOH8wp60BvmUn4IGgxwnLq5TGO3BmNpCM10eYcIB7EOnvvgMcsb88MaP5IjjBc%2B3A4T5YZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af75c8404a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
928 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqoCcm%2FeYvm1ltlq5%2BUVjuOBQNrJQKLjxEyPrxeS0PAC%2BxvB%2FRNYnQ3CG0pVdclmTGExgN9cGpJqhdgopj5%2FI4IgN3PKvtjWl0LhOvmI%2BQaXk0dEb2BMlQJb7WmP7osZMODLpIZLZOIQ1yi5j1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af76c9204a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
922 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIhu%2BPPezczCV7%2BmDjJwbru9%2B8lsLoz1tNz42oE3YDTdup%2FN1o8gbx%2BDzUARbXXBrJkTm7aCPPtz%2FcnZXR913JShPYaG3hXIol0rcpttyntflhkPAt52k%2F1ZOdURXSmaYKPw0DbKtk%2FHMDNDcZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af76c9504a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
903 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY%2FwY0DyzHF1qO5m9jhvNmD0RCQPx8JnaaCMsOTmxbD18j6zU6ZSJK1JcznMhhotgstpRf5lPLmLssAU7ah7v1pAKZ6r65uZObTyegiWUTuFuRdCSzHxqDfWmzejLkoZIATzsGwxeQhcrOY611s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af76c9704a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
923 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJQWTUG8b0f4UNMjI38AMrieRkbu9n0fhecolX3aU1U0WNRhBH7sSwTgAkPHhYAW4RCOk2tQds17X%2FsIB5H6KaTAViVqP0IA1LNrKLquU%2FTwBTr%2BB0%2Bvaaw3RL2isN%2FzenteJtiz9b03EwpUxNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af78ca604a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
920 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IozLORaAL3YfwUn4he%2B%2FODSX7Mkz1ido7Nw4mxgzbT9JPulM6HfIM0iSazIl%2BccNsE8em3kTVunuM2j1j%2Bg%2BZU9KJEgBtGaXoKDVTmg7g0JQPjBpW%2B8CQUhTuoXkhK1e43h22pkP6nEolZPv%2B3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af78ca904a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
913 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE3C4Z2TWIZefm7bl%2BddP%2BIDi4ZkvmYBI4XW3UyaSrMlif7vzXL%2BNxxcUbIg2V79VOnGSYbc7G31Ipmhrt1jweDCr24yUdRey%2FSuUWGm%2FmIoRub6jCISqH%2Bqqi0eJ%2BkUaSV8N%2BABn3aT5tBY0gE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af78cab04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
927 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BxQW%2BjSvvzEHL65QcDQEg7d1OVvXHNqGiFVJoH3bZT2OKX6%2FrZMW2Fo%2F5vmOvAXssQPMbEzy%2FOsbVQTQmsMUyw3UpuVdR9FTdnPeqdSyimDmS5pSHCqk7SMDxesn2lWyOHrbaruMCwKRdAi8gU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7acc204a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
920 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u6%2FV2tTTE19pOMqDHX6RRiynWMyZhZFQ%2FkUOhDbtVla0vH4so%2FPO0uCctdoykxCxCVSYll%2BafWEqY14VvPAdDNIiVwUQ1BY4KQc1QGFGnZ5GZ%2FWDg2Knp4nvvJRm9tKX0%2FSyGY7a2kxFOpoq0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7acc704a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
908 B 32ms
32ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gX%2B6iadl2eoVhqEToH%2FlV6em0Rn1l%2BK732rx5rU0yzGKVsyUZ6z0FhWzvMfn87d264qaYaEQjpsde%2BuW%2B76J7XL5ZpM0SVtLoYIYNtBR5KCuTodLAAOsJgRCzlG6sePV0Zd9sc6LMm%2BtcL2t9EI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7bcca04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
922 B 33ms
33ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyanookFzPc4jWsv2bbCn2TdSfWuhDM2qnOrc%2BoQKjrDjawoRHcGU9Jj7xcrSEDfbcICJzBOLbk4P1m18luE7tXZ3EbHC%2FfXLW1fMZAy24ljturW9Z5hy03KTzJXqEpKoAwvLWQys%2BZz14bx89k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7cce604a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
921 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx%2FdL%2BljI7kM%2B6Nk4cddcxl10erGrrWLV6zbwaSBmCY356Km6RMTh5wYlreMDNgb9uRK99TunqKFn1aQuLPP%2Bgd%2FBwImMrbQ0c3yygutYwwdD%2BBZUtZXEOV%2FX7kAfuSeewshXuf17x4hR3p3lh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7ccec04a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
906 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiy1FM3k7qG1OtIUqfCzc6vUGEEirU8KmVmGUKGgvkjGEIBiB5ZNXxFMAziiVYZ8zqNhXajhsZFUsbbPhCuif6vac33pHwQCFdhG6XZWXBCwRePXs9jMPq%2B5MVwLoh1LDhX%2BnqaseYsqSq5tq8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7ccf204a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
926 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmYOsSZMb2TQaDAQsCI%2FdmiyL%2FGmBbHoRHHandAY7CCBGW0EY2lLDN3qm685ksujJNnKmCQKQJGdWKePGv%2F5vSga1zh5tEurTbku6Wk5RwV7CNd4XZ%2BUNgHcYk0sNOY%2F2LnMk5MJAcq5UARBhUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7dd0204a0-CDG

GET
H3 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
916 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1124214
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mrs10555-MRS
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5VddM4PaAimoe9ZDpC%2F4d11PZZwdmCISbKtmZ0zYraa1eAZbeRWGYoPd%2B3d5HkD62fjDAOQNmWavL97RCWGzr%2FDaWz0pEAmkoAD7UQCXap4VAmTBa3KsOellCnLo0DCHEuiZW%2FhkX1Jg5wmXiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7dd0404a0-CDG

GET
H3 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
910 B 31ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1212413
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mad2200100-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaC4j%2B0bb0PWq78npwCyDfgLI%2BOJgOmzlmMQH%2Bg07337UdwPFZYxqCaZ7lh6%2FcO17gfUplKt6Pd%2Fs9IxwITBFSNTxh0mrukOm7tMPb1rkq%2BNgQ8DI9sQPaauIBIN6jnmsHEGpLi9GnodK4bgbLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7ed0a04a0-CDG

GET
H3 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
923 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1817970
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-mad22042-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NZDKpMz%2FCyDPjhqcLsFU7SCVqGaYoeKEIFA8rLDMAnLrbNnjfV2z0AcH9ZkgvkrHOX8i0x0M%2B91VJAyRhL5yP1fnKN61750vpGZC6gKhtET%2FCqr%2F9l2fzez21s7sUbjGzjvV4iirrVbvKj9q5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af7fd3204a0-CDG

GET
H2

200

logo-thai-hung-phat.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg

19 KB
20 KB

234ms
168ms

Image
image/jpeg

2a00:1450:4001:80f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c4223cabecb3cdaaa96355faae946e8b2b7d14ee205f84642d8f5eb3e2abe25d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
age: 0
x-guploader-uploadid: ABPtcPrlT7OKVxp6RZwnqGFHtKA8x11gJ1_BMvFBYntDWIQZG5ZAv8IYGwNas17asaLNXLGFAEny9YUpUQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
last-modified: Thu, 09 Nov 2023 08:58:28 GMT
server: UploadServer
etag: "cf72fbf1ed3288bbe93eca99b8e9a44b"
x-goog-generation: 1699520308526640
x-goog-hash: crc32c=UQOBPA==, md5=z3L78e0yiLvpPsqZuOmkSw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 19703
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 22 Nov 2023 08:32:46 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 07:32:45 GMT

GET
H2 200 Legal-Terms-Series-Complaint-and-Answer.jpg
www.kryderlaw.com/wp-content/uploads/2023/08/ 344 KB
344 KB 916ms
854ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kryderlaw.com/wp-content/uploads/2023/08/Legal-Terms-Series-Complaint-and-Answer.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7013b3ab5a1cdef208db2ac82ad1f1b9e323d4a04fee3a53d06a7077f1fc2d8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 19:15:38 GMT
server: cloudflare
etag: "64dfc35a-55e3a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 829f7af858ee2373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 351802

GET
H2 403 OG-image-Shamlatech.png
shamlatech.com/wp-content/uploads/2019/12/ 0
0 80ms
24ms Image
text/html 2606:4700:20::ac43:47fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shamlatech.com/wp-content/uploads/2019/12/OG-image-Shamlatech.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 blinds-1.webp
risalafurniture.ae/wp-content/uploads/2023/10/ 50 KB
50 KB 1532ms
349ms Image
image/webp 162.241.169.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risalafurniture.ae/wp-content/uploads/2023/10/blinds-1.webp
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.169.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: p4strategies.com
Software: nginx/1.21.6 /
Resource Hash: 4cfda82d6ced2d4669f3d1ab4f1ff74cd01d9362ca23cc53f3f7fe7279396da3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
x-nginx-cache: WordPress
last-modified: Wed, 11 Oct 2023 05:39:39 GMT
server: nginx/1.21.6
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 51058
expires: Thu, 21 Mar 2024 07:32:46 GMT

GET
H2 200 1*VEfzufpTS5vYDzg45wel6g.jpeg
miro.medium.com/v2/resize:fit:1200/ 131 KB
131 KB 206ms
160ms Image
image/jpeg 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fit:1200/1*VEfzufpTS5vYDzg45wel6g.jpeg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

183997e50bd1afb425258d050eb076a6256be84a793b80567eb687bdf0c1269d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
x-envoy-upstream-service-time: 37
content-disposition: inline; filename="1*VEfzufpTS5vYDzg45wel6g.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 133724
x-request-id: e577c23f-da2b-4d20-bc9e-6a80aef0bda2
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "w7t9pgIdRPKzuacZhjkgMIzoynpKw3BjSFpIAGnJEXA/RIjU0NDdmM2I5ZmE1MzRiOWJkODBmMzgzOGU3MDdhNWVhIg"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20231120-091327-e2dd1b4066
accept-ranges: bytes
cf-ray: 829f7af838da01f0-ZRH
expires: Thu, 21 Nov 2024 07:32:45 GMT

GET sbr-bull-apple-icon-180x180-1.png
wpi.sportsbookreview.com/pickdev/2021/08/16144901/ 0
0

GET
H2 200 587-777-7000-2.jpg
myfirsthomeincalgary.ca/wp-content/uploads/2023/11/ 179 KB
180 KB 1077ms
1017ms Image
image/jpeg 2606:4700:3033::6815:26e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfirsthomeincalgary.ca/wp-content/uploads/2023/11/587-777-7000-2.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:26e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b1f01b5c861d556b510948adfa56c3920ccf971ccace1f62294006f8462c7f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 11:39:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVfpvfFbi2rCwx2Pw9b1O4Q7Si1zCvkEo0ii9FBKOJur%2FRYVWkrHudXa2yztZsbIP68zdvIIoVpxBXl0LRX30s3nqv2MiWJNemdzbQlFwB6ZO9DHEhzXWb0eSSpL2RD0Jg%2FOnU9ATNP8vBUMTrIyU9OtykUdYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 829f7af8598183b8-MXP
alt-svc: h3=":443"; ma=86400
content-length: 183629

GET
H2 200 bbjbcnbcv.png
astrologyexperts.in/images/ 18 KB
19 KB 451ms
136ms Image
image/png 2a02:4780:11:1189:0:2e75:d040:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrologyexperts.in/images/bbjbcnbcv.png

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:1189:0:2e75:d040:3 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

88871b51ece3fcd50b57852d5fe96edef94dd83ea3b93f6b1cbe2a97214995ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 13 Aug 2023 10:37:35 GMT
server: LiteSpeed
etag: "48b3-64d8b26f-76746291ff06221e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18611
expires: Wed, 29 Nov 2023 07:32:45 GMT

GET
H2 200 favicon-512x512-c43f1003be0acb2a835e63e3e045fcb5.png
www.comfortkeepers.com/assets/favicon/ 32 KB
33 KB 179ms
115ms Image
image/png 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.comfortkeepers.com/assets/favicon/favicon-512x512-c43f1003be0acb2a835e63e3e045fcb5.png

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

9c37bb778fc7b255e25165fc65d00035534c7053aa8e87bfefead3a93353f1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 07:32:45 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 0
x-dns-prefetch-control: off
x-cache: HIT, MISS
content-length: 32746
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700638360&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=qpPfcn4pnKfvPW29jDvXkpf0QcUFnAzDKCvMfIrEbcg%3D
x-served-by: cache-iad-kcgs7200090-IAD, cache-mxp6946-MXP
last-modified: Mon, 20 Nov 2023 21:22:28 GMT
server: Cowboy
x-timer: S1700638366.500670,VS0,VE97
etag: W/"7fea-18bee9cfe20"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700638360&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=qpPfcn4pnKfvPW29jDvXkpf0QcUFnAzDKCvMfIrEbcg%3D"}]}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 /
orchidhousepainters.com.au/ 0
0 2100ms
523ms Image
text/html 149.28.187.227
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orchidhousepainters.com.au/
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.187.227 Sydney, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS: s6-syd.intesols.com.au
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
951 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etIdF%2FqePCzMv8dDntihDN5Od8xzngYgXh6j46hjvQjlvzd8pN%2FiRiZP5O%2Bc5xpCdBUjDUC%2F3lNVhayiknhAxl34KX8h%2BYFuE98T%2BdgYERJU4jHsIExy%2BMTuEV6txVXJK0Y%2FK3Qm8hq8Y13SrfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af80d4e04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
950 B 30ms
29ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEhL7lSVMAa7uTy0lXMdO4oCG8P%2B8VwmAI%2FDhHGeHAUIBAlZq75slqNYSe21d9gwjxBxpOAdKMaOzzkC0KrwJfUVYXnbW%2FxAsz%2B6ki6I%2Flzg4%2FnB8pPztfVH0KbpZRiC%2FON95aEI%2FuOIYqPWeVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af81d5304a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
940 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDT3s6khhu2Nu8%2BtJqxWDmCTxjSdeg1YwBT3PJrA7OaA1UTQUV5GS9j0grYCupNPQhU4X4902IlpcPND0E7jSltsOiMrmmgl2kSMOZmExKEPgCDuezFPXpvMi9NC5ZbEDQhhn53tPqO4J1OxwMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af81d5704a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
943 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BtXG4FHbqJwPlEf37Kn369fVp5iWzM%2BPS1K8KAOLpAbb4pepvKAEr%2F7t4h8UeUFKUttE5ocNP9K2WM3040IwKLwEXNahf9iRVZxMnGXyrnlO%2F2HqdZ9Zdg7TipiHqd4Bgmzt4H9vBK30TqJsFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af82d5d04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
945 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zrd1XhGk%2FRfgoVeQfeOBZk2I7tuprm%2FCBkg9QMdlAGUEzzFz%2BSJrNCoi4yXPoGVjJZXZpzJq2nP%2B1iLiSuChktpmf%2FSThGxUinSFyuDpXAo88dzgoVoKVu2KyZ0VzjEdklfi6QdchWzCNamo2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af82d6904a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
944 B 31ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7liHanfxWGZQAFcDhCRMbC5bDAEvj5I5xbTQFUxi7sbyjna1PUbOfpvooa9jEHAxXQ3Tjybus6DPrRTy3DKZPkwgrTSrLc%2Fjk4Z3A5S%2FwetJRfC5wPBVizWnw0mO%2B4BDPCJRIBziAJlBS6Ppro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af82d6e04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
946 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQxVEnZLDRPQjMUeWeh27nj5QQmCm72lZzbHzz15ZZE%2B0oPtAVc3RMWJCvCLzaRYTbIxrBUrhpk5%2F92cBgkQ%2FqgZAPAmLZ8BxbojfSJstTOikVomwDhKTYoTTPrgp9MZXC7O%2FSU6tlUHJ0qQbSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af83d7204a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
941 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FU8l3G%2FR1IAWAhGnutePTV3WomnKlheS9WyD55NkOT9EDYObCmGFr7qLDdbrmaFRSaQp7dBh3kUX7VaPOd8v2QmpLLqTyuB5abIJsg87mLtlr%2F8Ho3NMB7cyv5qzKWDAq9CzcFAxVAsgGfujl8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af83d7804a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
940 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teePkewAFPSAegMHBuul4QguX3mFut0lw9sgsvNlzTiuHVLNN1OlLShbh7paPVn%2F7CAbR41sGxXWb6gOh2W4gy%2BYaMhmQUGXcQum7SVeeGUiHm8YK4uiQxPEG111ExIyJQDGS5BULPV9Zy3fHoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af83d8504a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
941 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul63tottjGTppiKSVHTdV9NUHO2Qq0Ppw5B3zIovfHKGtv8XAWM00DdX8WJJEBaTEt98cKhXbe4TTKGkF2KN5ZKzEJ0O4P9dCT4jQQg610k2y3%2FtVuInBbtMgxMgJeAYN%2BkaZdS2cRA6ibjRQcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af83d9c04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
940 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsFQOj22S3dLqqG16VdIL4m07DEP6kZ6Niouj36gNSq4hoE9gI%2BToOPE%2FEHoNS9oStKD66TO97i7a7yYfy3ZCCKZBgTooy29OAGG5s5rSNhssEbbNp2OL2qh0EdVu0FkBxdFGlIP3gc7IKBW5XA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af84dcb04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
947 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FG2ELcOpy9iXJF269UT1K5Q8rC33Jf%2BbzhYt5r14AZjVmJk5XWVt%2BFqdIEcSgDeL%2BPGSRcD4cPpnC9mklA9Bocj4U1Nw3%2FKN5i57Qq3PWfWT%2FGtuR6HW8xB5JnJNnJQ5XaY26vR9FhxK%2B3r3Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85dce04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
936 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q2tCtt7fUG9J925sJAtFAttTdiYXcb13dLxbC600D04sJGJqHosVEor7Z%2FhSMaheVIf2ccVIAGtDQfD9L7DyRtgJetYEq2W7sPimF0NY1ymp7X8lzhZ87ru6lmkb1rDtrilJyShNIrFsZJhPO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85dd004a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
946 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tOsQO%2F0C9304l6rnLUnj5ZaYleawqgznfe%2Fe%2B3Yx41%2FMeWZEhtf3qEfMBvQSEFnyGxDHPE2Pj2Ve4dYce8IZuXWk9P0RxGGsMlU4TEcQ2r2nHbF%2Frscx3OKDOwJjUhhQjNYB4TTshA%2FJJr9QW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85dd404a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
944 B 32ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do6XPRXY%2BjEO8wV1c1gR8G40gxAfKUx83C7Bza7rsgcvWPQm%2F1lVcBD6qnvYVSLPi8PeB%2Bv3DfY92Goo91i4RhEQLQ3i0urx7f9dOo%2Fn6ck0BR5g3ZvjPa67ND2X%2BsmBlKOyBIjhB8WFwnWlzeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85dd704a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
947 B 30ms
30ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtYysy9XgpDkl4qszGYXIOpzRZCqnbrS7VBe%2FgTzqcAAJF9AYyzK92uDz0ZR9W%2FD4s7Ke4Yly41Fo9lOR9M5XYs%2Ftcc%2F7SzOaIdgzKjHXPohGdCdQaMR05HYbPFDZiDZXSDp39Ckumm2k77GT%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85ddc04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
947 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg2tDXEKh%2BGBuISaFHWyYU%2BA5%2F58XcMxs%2FWfC7X9YxSao0C9jUoPRQ9GZ4JERxoBPN9G7GNWDumVLjaYKAifpPYHwesMla68rMJy%2FnptGZzfCXwBumBvmNJME2sYy1eZSzVUZYNRN1TaDh10z7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85ddd04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
945 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Shjc8g9alLKBWcVr8vBP1RFjwtfRhxFYyICVp95Ze4NN6ejMrV3bauFfb%2F55kBtsQ5pB%2B52YJH9xxSnqoYVE3cSuAC4tMplUreQWMVJMOWwu6EM7%2FwtKCOoOVTFI%2FV%2B1K2aGA7dWL7bFbiUTnmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85ddf04a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
945 B 34ms
34ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oY9owzKykZwMeHXxCCE%2BymKC3J80zyBLIEo8qoypr7r4xxhlbhhkq6EHyDWt5VDYWKJWHAycA7ztGrOHdWtqc%2BBg40SXX%2FSS0NfNo9%2FpPLekkZAYNYoNxY0ey4iuiEjtpjJXFmD3vfIJ4oYPfsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85de104a0-CDG

GET
H3 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
942 B 31ms
31ms XHR
image/svg+xml 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 950968
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-mad2200121-MAD
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRaUGS%2BP1Hemw4BFvKJbvJKuEz0t9J00MPGi476SAeg313jeGbV4JK9rat50HU1dOOlRTzpp8jd3y1nA79U%2F6twQb84vn5%2BM%2FnL85x3UP9a17Awd8En81ITsKA17sEh5fX%2FbsCY5udymFabW5E4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 829f7af85de604a0-CDG

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 436ms
436ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=4401114507076322&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365508&lmt=1700638365&adxs=386&adys=1334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D2%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2233693956&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9db26cc4a5ececf2b730187e781db0e354251ae4c7103743651bdfe2ab360bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23215
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 464ms
462ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=3145456278137256&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365511&lmt=1700638365&adxs=386&adys=2219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D3%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2566420883&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15bc7f40ab051513778fb6f28590d862e7bb4cae006e9f63f6bcfb2859b9c9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23175
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 391ms
390ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=1617421129342496&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365515&lmt=1700638365&adxs=386&adys=3104&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D4%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=752999773&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4c9de93c9bb2b920fa850e5d2fc5ac23474fa967a3b0ccb1d79e273bf296c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23407
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 357ms
355ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=1077900017673907&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365519&lmt=1700638365&adxs=386&adys=3989&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D5%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2414587748&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b805ecbeddc57cdb267383c92a9533a65d56e44e1b91bb7df081b2ff1cb57df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23202
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
22 KB 335ms
334ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=1750376950521479&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365523&lmt=1700638365&adxs=386&adys=4874&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D6%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2954782562&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

267289b0d00dd787ac769fe7d243f6fc15fd7d721d67656bab04a5ea874a4441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22870
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 323ms
322ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=3113867652045173&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365525&lmt=1700638365&adxs=386&adys=5783&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D7%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3024330878&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1077c36ee5ab9be963afadb3ec0e46e21dba39976758833c3fb41135c05c6e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23431
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 616 B
304 B 238ms
237ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=2336124784351297&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365528&lmt=1700638365&adxs=386&adys=6670&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D8%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2533869661&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206a00581dee6490474255fed79f58893a25fc42c6e9208f2b1100231a01de8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 379ms
378ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=934804827744927&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365533&lmt=1700638365&adxs=386&adys=7599&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D9%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2606919589&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3693a101674abd179dc5b0324d5cdc1cda16acd2210141ea8e83f45b482d4e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23181
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
22 KB 451ms
450ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=3745114508210828&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700638365536&lmt=1700638365&adxs=386&adys=8484&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-J7Ir78xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNiNWU2ZmFkLTJlMzUtNDZjYy04NjE0LTExNDYxNjQyYmQzNBj-ocivvzFIABIdCg5lc3AuY3JpdGVvLmNvbRj4nsivvzFIAFICCGQSFwoIcnRiaG91c2UY-J7Ir78xSABSAghkEhQKBW9wZW54GPieyK-_MUgAUgIIZBIZCgp1aWRhcGkuY29tGPieyK-_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y957Ir78xSABSAghk&dlt=1700638360670&idt=1869&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D10%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4085529275&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bfc91a9c814d6b0b3658e8f085b706d3a8e18fdbed6ee33aa548c47080a013a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22937
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
225 B 72ms
22ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://folkd.com
date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET esp
oajs.openx.net/ 0
0

OPTIONS
H2 204 esp
oajs.openx.net/ Frame 0
0 171ms
133ms Preflight 34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-coalias-route
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://folkd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 22 Nov 2023 07:32:45 GMT
vary: Origin
via: 1.1 google
x-powered-by: Express

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5DA0 15 KB
6 KB 84ms
29ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 298872
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 201 B
474 B 77ms
39ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5d4c8ef8044f87bb52ddb627b09ed380eeb737ebcc31750d88081a601759dc70

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Nov 2023 07:32:45 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 6899b19e1cae193f4de6f6b73f46c1bb
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FAF 6 KB
3 KB 29ms
23ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
690 B 154ms
57ms XHR
application/json 18.202.86.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 67664636e41f19decd95b994404788cefb43fde6744cb8bf81f9d7271e59764b

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://folkd.com
cache-control: no-cache
x-server: 10.45.22.141
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E3A 6 KB
3 KB 24ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 16ms
16ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=p.f.i&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866371
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5DA0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=S2Ykanx3ZGM3ZW1vcmMvVU1ZTmM4bFdLeXZjcGFtdDRIM25FNDRKaTRCQUwyT0d2ckN1MXZlZ3lRNXFmVXRTK3BEVWxZNW02NDFIdGRCckEwdFdSUEFDakhtaWVRcHBLa29PTnJ1cUMxZjhqa1k1Rml6amFCK1RPcG5RYW...

439 B
656 B

31ms
29ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=S2Ykanx3ZGM3ZW1vcmMvVU1ZTmM4bFdLeXZjcGFtdDRIM25FNDRKaTRCQUwyT0d2ckN1MXZlZ3lRNXFmVXRTK3BEVWxZNW02NDFIdGRCckEwdFdSUEFDakhtaWVRcHBLa29PTnJ1cUMxZjhqa1k1Rml6amFCK1RPcG5RYWlnVDRkYnhmaCs0SEVhbDVTNno0dlFRbFo1ZjBrK2hNbmZacGx5dXdaUXZDa0JEbFhHYWJjK21wUFJQaFhvSmJGdHdsaXlHdnFXZjBiOHpPMENsdnNKYUx6VnhPRGhoN0VMa1dEMGhkbkM0TFEwWWgrSStKck5nWjNNalBVZ3NiWk1Kcy9LOVkzRVlhTHhDZ1pNMmJOK3MrL2hjRWtuUT09fA&cppv=2

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0d8140dd4a3acce569e304ee25611b9da00b27b139b2ab15a697d715aee8062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1108045
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=S2Ykanx3ZGM3ZW1vcmMvVU1ZTmM4bFdLeXZjcGFtdDRIM25FNDRKaTRCQUwyT0d2ckN1MXZlZ3lRNXFmVXRTK3BEVWxZNW02NDFIdGRCckEwdFdSUEFDakhtaWVRcHBLa29PTnJ1cUMxZjhqa1k1Rml6amFCK1RPcG5RYWlnVDRkYnhmaCs0SEVhbDVTNno0dlFRbFo1ZjBrK2hNbmZacGx5dXdaUXZDa0JEbFhHYWJjK21wUFJQaFhvSmJGdHdsaXlHdnFXZjBiOHpPMENsdnNKYUx6VnhPRGhoN0VMa1dEMGhkbkM0TFEwWWgrSStKck5nWjNNalBVZ3NiWk1Kcy9LOVkzRVlhTHhDZ1pNMmJOK3MrL2hjRWtuUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 266568
content-length: 0
expires: 0

GET
H2

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 2040
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

572 B
706 B

33ms
32ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0478b6ad8441ca6a6bbc6b2b479397ad4eeebe429e37c6fd4d18591b16b4c371

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 372
content-type: text/html
date: Wed, 22 Nov 2023 07:32:45 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 22 Nov 2023 07:32:45 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

POST
H2 200 frg Show response
folkd.com/ 5 B
836 B 273ms
273ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/frg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1700638365913x545586051213303300
X-Bubble-PL: 1700638360532x1135
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwNjM4MzYwfQ.0REEJKSUO7MnKsjT97Zw0dMWoY7G_w6IE-d6yJ4KMSA
X-Bubble-Breaking-Revision: 5

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":15,"percents":{"top":{"bubble_cpu":22.7,"block":72,"capacity_rl":0,"other_pause":0,"pre_fiber":5.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":70.5,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":508947}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.008 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::8zmgh-1700638365923-47912546bd65
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5YTZe64KDaF3SdOhcvvYVlkh4lRhi%2BO9klnEokDAWja%2FVO%2BP%2BNrf4%2BwGXnRKP10oYfgXfdbcScuC8NV2U7FnPPeKo98M2Nbgi%2BU87nHXWxCJgLewHgQ5aaciNzhkvVk4UFYmnZ5tXTBJT9Wvi7pS1VnkqACnovY2jV1GFX%2Bx42K8bvbpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 15
cache-control: no-cache
cf-ray: 829f7afb2c515d9a-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 css2
fonts.googleapis.com/ Frame 1FAF 4 KB
767 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 06:18:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E875 2 KB
553 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 07:31:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E875 2 KB
903 B 104ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E875 23 KB
9 KB 107ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E875 3 KB
1 KB 118ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E875 20 KB
9 KB 93ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E875 202 KB
64 KB 125ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame E875 37 KB
15 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1FAF 21 KB
9 KB 97ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 03:59:33 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1FAF 205 B
229 B 64ms
23ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:42:07 GMT
x-content-type-options: nosniff
age: 85839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Nov 2024 07:42:07 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1FAF 604 B
628 B 75ms
33ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:28:27 GMT
x-content-type-options: nosniff
age: 331459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Nov 2024 11:28:27 GMT

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F97 6 KB
3 KB 35ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2533 6 KB
3 KB 26ms
23ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 256D 6 KB
3 KB 23ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Legal-Terms-Series-Complaint-and-Answer.jpg
www.kryderlaw.com/wp-content/uploads/2023/08/ 344 KB
344 KB 194ms
191ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kryderlaw.com/wp-content/uploads/2023/08/Legal-Terms-Series-Complaint-and-Answer.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7013b3ab5a1cdef208db2ac82ad1f1b9e323d4a04fee3a53d06a7077f1fc2d8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Aug 2023 19:15:38 GMT
server: cloudflare
age: 0
etag: "64dfc35a-55e3a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 829f7afc88912373-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 351802

GET
H2 403 OG-image-Shamlatech.png
shamlatech.com/wp-content/uploads/2019/12/ 0
0 26ms
23ms Image
text/html 2606:4700:20::ac43:47fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shamlatech.com/wp-content/uploads/2019/12/OG-image-Shamlatech.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 blinds-1.webp
risalafurniture.ae/wp-content/uploads/2023/10/ 50 KB
50 KB 1033ms
583ms Image
image/webp 162.241.169.31
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risalafurniture.ae/wp-content/uploads/2023/10/blinds-1.webp
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.169.31 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: p4strategies.com
Software: nginx/1.21.6 /
Resource Hash: 4cfda82d6ced2d4669f3d1ab4f1ff74cd01d9362ca23cc53f3f7fe7279396da3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:41 GMT
x-nginx-cache: WordPress
last-modified: Wed, 11 Oct 2023 05:39:39 GMT
server: nginx/1.21.6
x-server-cache: false
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 51058
expires: Thu, 21 Mar 2024 07:32:46 GMT

GET sbr-bull-apple-icon-180x180-1.png
wpi.sportsbookreview.com/pickdev/2021/08/16144901/ 0
0

GET
H2 200 587-777-7000-2.jpg
myfirsthomeincalgary.ca/wp-content/uploads/2023/11/ 179 KB
180 KB 347ms
346ms Image
image/jpeg 2606:4700:3033::6815:26e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myfirsthomeincalgary.ca/wp-content/uploads/2023/11/587-777-7000-2.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:26e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b1f01b5c861d556b510948adfa56c3920ccf971ccace1f62294006f8462c7f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 11:39:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qHCitL32fMNKeFJhUbPln%2BlElqYd11E5NyiwGbMlqUqkX2nkCvStWHyGnPVxkhYsSOIQiVPjy7mYI3X5hAqfrP4RaLymqgJC42e%2BfijYpwIhZVdA52U41yrCy4yQz6j2Ll1BrTbFDQOwPj5EMToUxy%2B5oU2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 829f7afc9d3983b8-MXP
alt-svc: h3=":443"; ma=86400
content-length: 183629

GET
H2 200 bbjbcnbcv.png
astrologyexperts.in/images/ 18 KB
18 KB 138ms
137ms Image
image/png 2a02:4780:11:1189:0:2e75:d040:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://astrologyexperts.in/images/bbjbcnbcv.png

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:1189:0:2e75:d040:3 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

88871b51ece3fcd50b57852d5fe96edef94dd83ea3b93f6b1cbe2a97214995ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 13 Aug 2023 10:37:35 GMT
server: LiteSpeed
etag: "48b3-64d8b26f-76746291ff06221e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18611
expires: Wed, 29 Nov 2023 07:32:46 GMT

GET
H2 200 /
orchidhousepainters.com.au/ 0
0 1119ms
276ms Image
text/html 149.28.187.227
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://orchidhousepainters.com.au/
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.187.227 Sydney, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS: s6-syd.intesols.com.au
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E4C8 6 KB
3 KB 23ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 6E3A 471 KB
123 KB 124ms
27ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: uehvDjhHZJtABivYmZtLG9n2CBJNjbJ1Fxe852pBe35mBIB3yGttbQ==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6E3A 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C1C 1 KB
1001 B 72ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6E3A 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 6E3A 43 B
493 B 168ms
42ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321018581324120&pvt=1700638364344&plid=2521236318193655889&imp=5206241578790453939&rep_meta=_3aTv21hvbrUUcP6Lpzv1Pbwcj5UuT0GObj0pYazrOmo74N07AP58yOXZES83sh6The4sEcQcKRnWuK1s7bklHtxwOT_e7zxD0mNNmfeUXK39QhZD2zPuu9bcd_v4X3ALpVpAiLG2hrr-PnaOzWyOhYumj2FDbRk_lW_k3vesPLQfVGZDIAlehfuY4CHmGr35FmDExmJt4pKrFnMl3tWucKfqTQ84OSqnJaKlN57LiyYXNBgENxgIqJxyGQRj_8OJrMrGKr1WAL90ApqtPJnnnDcfAYUysZosFjy703nnAP4kMq8jRTQ8kVwHOLilU_Zi_JFAnQgBKX0Db8RWduCZbpJbwwXuEjM8W-HqglpK3v_2n7go5gt2KOmZMmIxKUGRRU5Jg5-tzuGkhSy5B8yyZdw86QTqOUJPLRc1GI9iBc
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6E3A 0
0 32ms
29ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-vGtBI7QOnzyfs-yELjEVUfaWyijXE30qpwnbNfwrxoPVMow63dIDxXzJkC69VesylUODn_eIxOUzcgW1ClV85QQXvg
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6E3A 24 KB
7 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E3A 202 KB
64 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 6E3A 68 B
244 B 139ms
43ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv46im&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8xXzFfYWQifX0%3D&cb=4375067&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5706 6 KB
3 KB 23ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F6E5 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FF7 6 KB
3 KB 24ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2B8 6 KB
3 KB 27ms
23ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 2040
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=254002728751764508

43 B
106 B

35ms
29ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=254002728751764508
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=254002728751764508
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 2040
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e875b2bd-b322-83c3-a113-4cca9ea4c04a
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e875b2bd-b322-83c3-a113-4cca9ea4c04a&dcc=t

43 B
855 B

199ms
199ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e875b2bd-b322-83c3-a113-4cca9ea4c04a&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JNPMWJ79EJC5E2J5Z402
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B5QSD0YN6XYTJ9STJ9DS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e875b2bd-b322-83c3-a113-4cca9ea4c04a&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 2040 70 B
149 B 133ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=b0a3cec0-af88-3839-611d-ce5df6970baa&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 2040 170 B
243 B 106ms
40ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNjYzFkMGEtNjZmZi02NjlkLTc0ZmQtOTRlNDNjNzVjNWNh

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2040
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMmVBUIz-AkqsfNSAoyYw94&google_cver=1

43 B
180 B

30ms
29ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMmVBUIz-AkqsfNSAoyYw94&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMmVBUIz-AkqsfNSAoyYw94&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

logo-thai-hung-phat.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg

19 KB
19 KB

21ms
21ms

Image
image/jpeg

2a00:1450:4001:80f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c4223cabecb3cdaaa96355faae946e8b2b7d14ee205f84642d8f5eb3e2abe25d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
age: 0
x-guploader-uploadid: ABPtcPrlT7OKVxp6RZwnqGFHtKA8x11gJ1_BMvFBYntDWIQZG5ZAv8IYGwNas17asaLNXLGFAEny9YUpUQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19703
last-modified: Thu, 09 Nov 2023 08:58:28 GMT
server: UploadServer
etag: "cf72fbf1ed3288bbe93eca99b8e9a44b"
x-goog-generation: 1699520308526640
x-goog-hash: crc32c=UQOBPA==, md5=z3L78e0yiLvpPsqZuOmkSw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 19703
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 22 Nov 2023 08:32:46 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/0LuxP7hCJt5rGNO3PbT5VY51a84/d_oc5w../logo-thai-hung-phat.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Thu, 23 Nov 2023 07:32:46 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 6F97 471 KB
123 KB 27ms
25ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: wZMRIGVmOLQbOrA-YsCviBCw4DPN0h2Tw12to2IWXF1cuSudAuJmlQ==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6F97 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2978 1 KB
677 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6F97 20 KB
8 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 6F97 43 B
492 B 44ms
43ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321030056924521&pvt=1700638365712&plid=2521236318193655889&imp=8451174701058021595&rep_meta=nnvbVSBf0xiPLz1TuRLkf27s5bJXTdpWzyFmV6JnBNoHq8_km_ubAPzSq9m4OHlK4scwZqljRBksIUIemSRsRZC5rqea5aday20mpHECfsiYIvcOw0-ouGH0JeW4Il9wORabWr55nRSIV9YkrARdqMe2cxQg3n6lJ2kPDPsRCg6T89tHtt-GrK3BLOLwT96tTpPxVDg7UofOBY0vxgiDQoCZ7WPG0gMy2KXrdqdFxGvzkGcQnIqeY_ATG0N5aIpTnZ6mgZup6qVCUNI5K3vIPXaSpH4YGcDLArDxcK6dVLeSQQ4pYiw4GN_9Ss5JCYfU5OEUk-vYlEaN1ZtKfBcZmBeVfElOJWtnkmyt8PMLV1jjBDaJDZ_vDcOc1HyKDFutb-jIxubu-FhFecqdiVuxP2kzzNLAdfGcTHYqPSpPHoM
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6F97 0
0 29ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxquW-QAAxdhsLq8qV5duzOqgGHjga4w0zkVLfpOoCP97EocQSdIvrYdhWuxPEMXiQ1mRGQ_jZamIaQumbrrDyYjj1uQ
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6F97 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F97 202 KB
64 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 6F97 68 B
243 B 45ms
44ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv470e&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl83XzFfYWQifX0%3D&cb=2034576&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 2533 471 KB
123 KB 24ms
24ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: A9VHaPoStwPNrmohc1aoXQLhffe0TDMnKNd1-KrIyi_UAJc0Px3T6A==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2533 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6EAA 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2533 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 2533 43 B
492 B 43ms
41ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321029763324371&pvt=1700638365677&plid=2521236318193655889&imp=6049309070596610198&rep_meta=riZygIQmxpA05SAjT6qei8jrf8_6T7gNlTwpPdMCJCMFghMYGaWAHa9DM4M5fUAFX8jc0r4cLyxAHm-5C9huR7t-09L1Att8gEdimuXPdtXnTvb6fzx07yCHN6_x1nGPKzajhe_6b05eKseFgju5dM8sXZOEMnfmbeVGXhJKPZCZoatiXAT7HboeXKA_6T9D_9PHPf6-CkqFbTLw-CW3HqMJWk4QmF6npq5Us7YUaXu8_Eum9OT9hUu-iiksx3EJFfKgC33eLI12Cx-_aCF9I5hC6I-9onoH6pAGBKdDF5VE2hplc0bV8P-qCTM0SzYPrBKES_aKQzXo9rUTZKebgOlI1uiZ1W0UWRSIDjH1dinixiRatrCX-urEYl-gPk9nirMFZh6xjrw82O3QVFXaaRMzD3mf3UXkMKhhdqQtR-k
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2533 24 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2533 202 KB
64 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 2533 68 B
243 B 43ms
42ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv473d&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl82XzFfYWQifX0%3D&cb=6686746&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 256D 471 KB
123 KB 40ms
39ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 54CRGnvhaF3SwjqdjNU0G0vr_WEO0oNs_TqDYfRTHYdZQ0RGFucSTA==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 256D 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E8DC 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 256D 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 256D 43 B
492 B 45ms
42ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321029922691702&pvt=1700638365696&plid=2521236318193655889&imp=807116992221032196&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7rMZ3Ku_JOrdOO6hleNfb3sjNvA467cMNmH-Iej2KY9-BAIfUTAHSLKdOMjYmj2Mt27cz6sFIjfPi4llyyehh6ak1YYh6H9Rm3UAUwr_p0FmGvcyEBQ5O8cFGT_jzyUOofIeyYYZTw2m89m43VtZ8zb9m-AEeHWRjb1Dyn29PSG6Jn0JIjL8Tuv_k4eOyEbNlCvk0hpPSzVhQAQFh6T3Bvfj4ih3LWpzCtIioDxslpGN-_i0ZMzynP0QJ2rGGA74RDOhQyqut8u9QfdpFfNEbORoFuGRoyNWYCZ4heW_-NDGTtrk70aTVoxFeYt0FIit7Y
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 256D 0
0 41ms
39ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDs42ZX2gwPFDkzH4nfeosyxB-6kDSMfdq2pmarrM6DUOFP0sPhmX9qcn-bX2tH7VzgOi8T4EDo_0H0XzDqg60H2lrAQ
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 256D 24 KB
6 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 256D 202 KB
64 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:46 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 256D 68 B
243 B 44ms
43ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv476a&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl81XzFfYWQifX0%3D&cb=4867673&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 114ms
114ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Wed, 22 Nov 2023 07:32:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame E4C8 471 KB
123 KB 24ms
24ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: gyRVfC5uflD1FdhzGLUs3Am8z3TUCV2FNf7zQHWNOqTrcQcPNsAm0Q==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E4C8 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C009 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E4C8 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame E4C8 43 B
492 B 44ms
42ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321029704597280&pvt=1700638365670&plid=2521236318193655889&imp=5821936934030058024&rep_meta=wp0oTkO9jiLS7M397yo0MEJ0One73RF8IRkoc_4L3V0EM3bh0jcQapDq-MlLORlpXi1TtnLwKu5mLy3_BNV1S9D1UkOc2X1kzEVPFOEYD_JUzLfubctYX2jHbyQ8WDy7kVTB6MpUBSVidgv36XMVUnZ0Sbx1Tcdh1PZGWvYUubanAsGGsV_3C4nGDdsimOWXG3eJR43hK3Iv8OOYzH7iGHKBoEIEdFSBgy8FZKycprERi-W8bjSQCMNOZXfjVcpsUPK-Fi64y1-2IYgiKiNuKzNKxg31RbsDLWZe3ifgi6Wx4pcZMmEXKaFZdzNmNkiEWKTFh1CNPOTZlsoyQ5R6mjCHmTHzKzcQPwMmT93tPRPRWUq10zwim1u0HofAEvWZVhge1D65wNdWksCMrEqipyfGE0AFyng9B7FM3O-m0SA
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame E4C8 0
0 32ms
31ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjjhEBKxIaz2_4wHGFgipxfRMrHr9qcbqG7hlL4QCIr2lzgrB4utTWAlTlfOp_GSvBaqZSY4oABNsO25mjPBJmoDBZTQ
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E4C8 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4C8 202 KB
64 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:47 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame E4C8 68 B
243 B 43ms
43ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv47bu&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl85XzFfYWQifX0%3D&cb=9290667&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 5706 471 KB
123 KB 25ms
25ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: -nnQWabVfNpl3yRHfb90xdhUc6wuPsZPbMjZ-Xtpx3_UvMcRhEDuqg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5706 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0D9F 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5706 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 5706 43 B
492 B 44ms
43ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321029872369502&pvt=1700638365690&plid=2521236318193655889&imp=4594336479232666576&rep_meta=wp0oTkO9jiLS7M397yo0MEJ0One73RF8IRkoc_4L3V0EM3bh0jcQapDq-MlLORlpXi1TtnLwKu5mLy3_BNV1S9D1UkOc2X1kzEVPFOEYD_JUzLfubctYX2jHbyQ8WDy7kVTB6MpUBSVidgv36XMVUnZ0Sbx1Tcdh1PZGWvYUubanAsGGsV_3C4nGDdsimOWX4SghGtqJKIrdSX7WRXwpDBkUT2fOwsrRiRNkYDFr2XkDomVY2Nxnna6N68yi85kl0JJC0-qXXFEgTukrvoP9iIYmZdrcJmTDTeSnZeLzr9unSgyygfTClyDg9ZGMjf-rKqMfNspMDwNhWeHqPP-ab_iauG94W-Hklck7NOCEbR_mJHiAmdhD1Bmk581wAX3Q7SXnxC_9cV2V6sTu2a-4MysA0RNNUFeTy2oRludeokk
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5706 0
0 29ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGkl-WWnln9F4RaE7nptUJGHLffQ4UPtGQWcO2kN9n4YLwmnCaRExYQ1pNTs30zzvKWsRVmbIy0yQlkqYCgmiq2lMwhw
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5706 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5706 202 KB
64 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:47 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 5706 68 B
243 B 44ms
44ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv47f2&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl80XzFfYWQifX0%3D&cb=2200478&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame F6E5 471 KB
123 KB 25ms
25ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: GIzRV02Z2fU9jhpMMxdT2HY7mPfj4E8yNvi1pU0YGlOe5maaC7NQjg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F6E5 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 091C 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F6E5 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame F6E5 43 B
492 B 43ms
42ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321029788473950&pvt=1700638365680&plid=2521236318193655889&imp=6732327714475285147&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7rMZ3Ku_JOrdOO6hleNfb3sjNvA467cMNmH-Iej2KY9-BAIfUTAHSLKdOMjYmj2Mt27cz6sFIjfPi4llyyehh6ahq9QQ9UxxAYFbwUDA9QKlLy-0zuzpbRO85SObJpKY-7xxyOvzA01qmNq6Phq1eM2aUrkklRQROZzIkQRW39M_KXVRWVAdE30HzCsVTQHUtprG8tsd8kS1tup15jUJFlD5GIKPhaEcsKn49NyhSuDxRdSJxiAJkftNrrYY0g_g3mPBvYrM8pyGHFbYRtKeMZmoaYLL23q3InmxDaOosYRsT0hjbmIk_k8t0vBeSrIALI
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame F6E5 0
0 29ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTnNASNpf5uxI5wS81QmEtpO_ovACBV8EBqSSMWLNb-uHB2xPpQIFCt_1Kh6843MjD3afcHcDT-XA8fpcxCLnUg_M_uQ
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F6E5 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6E5 202 KB
64 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:47 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame F6E5 68 B
243 B 43ms
43ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv47hm&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8yXzFfYWQifX0%3D&cb=6349241&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.2.js Show response
static.yieldmo.com/ Frame 4FF7 471 KB
123 KB 24ms
23ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.2.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NmPizok8zt2Bk2_G.9mKxQVulI9oNAbX
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 10:28:23 GMT
x-amz-cf-pop: FRA60-P5
age: 75865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: IsXt5OUX5f6n_PpzFeHDXp3EWc8tMJH-32yYmfIQ4Q6h1AIydyBXVw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4FF7 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D43E 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4FF7 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 4FF7 43 B
492 B 45ms
44ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321030006592412&pvt=1700638365706&plid=2521236318193655889&imp=2222779873820325758&rep_meta=21lvrm9ZWBMrxS0sW5t_Nt1b9btxsaopq4kAK-aW6lXkJPGtk9lNlsl8K5KEgsjpqZ-VYeYQiYYHwgDyEVTCoCsgzSgUMmjTZExsAnKLFZH68-R44zsTRz7wZFENtQtzIUILadGlfW8hX2tz4ZkAn8i02ZXVrlqaaeEM97qgfbafIt8Ws0TguOnplLAblvZenHZWi1nb7hqfDFmrQdSvYgSQgx4XVQOGcyaj9tuI-aNajUq0Eg43UoVEjUq1CJKMaUynjNvq__wikQZ4LnJrN9Zzz-dzvy_V2-OP45vpmxq_NgEx1vz73z0PvfnFdvOH5xWM4c6YmD1CCTuheQKDU9ZhnTOe_Skfd-Epz3_RoZ3rSYdu-hDTlGMvpPQVLYMImERepzXcSMG9XXG6jYL1RGNian4FRFXzlLqUNk0cNDs
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4FF7 0
0 30ms
29ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ41o3byzuGxg_kbCb19T23s5JK1TSoMrJ2-9GcLJr7RQLoJXnx0oXN0rmHn9FKTyfLA0jpW0IvNTiJINwy560LNZ8bJA
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4FF7 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FF7 202 KB
64 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:47 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 4FF7 68 B
243 B 44ms
43ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv47kh&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8xMF8xX2FkIn19&cb=3089504&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ym.0.js Show response
static.yieldmo.com/ Frame C2B8 471 KB
122 KB 25ms
25ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 08:45:12 GMT
x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 82056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: uTDrOxj_x39saxEQyftkS-IVkxOqAEmGKx1v3l5astAY89ArkLtQkg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2B8 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F31C 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2B8 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame C2B8 43 B
492 B 44ms
43ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321029805258910&pvt=1700638365682&plid=2521236318193655889&imp=4050710964008965180&rep_meta=HjpZf_oDWvfzQwKC-bDoFpJp-3PA0Nm3t6pDn0h013pjyv4mGEQtCtsxN-6IVXRV7CbMnN02fhlxrj9Awq2oxpf35KEkSxsPb5yhE4LqF_CsPEsJel3iUfJ5JEwbwDZW-dLiam0_XCRey-PHiIHrEztxNJRT0IDYFmG-ZUZjtikxrMCBXBGtbwvVPnRnptVeLk3ihdyQu6ZexCEbFBb_pBvguJWDPZ9CYDHWqKOUnMnG0V7agoCGiFXlQNOuEIDZfYAWBfFIuS0BdDiZjzykU-FD3uMup84VQ-3tjKmu1hEuhEaK2cudTyDXATZJHP68_ldUqkB73MD1xug9sTlhjblPCYpOJiylyFGr87BDlSa92KiH87Taao5nDH9S_DdGrgdQeN5G0OClh6oHGQS7lHmE_ZGx9A2PUw5j701tiQg
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame C2B8 0
0 29ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5hdH4TzMKJzqlojABEORdSVv4CH_GQgKNX98JRN2LTGtgfAR6K6RbQCXJZxjEbC3rSqlbQmZnNKfSRLdN-MZ0L-izgQ
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C2B8 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2B8 202 KB
64 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:47 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C2B8 68 B
243 B 42ms
41ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfqv47nr&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8zXzFfYWQifX0%3D&cb=2957648&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C1C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIxNSk-2SxJySr9wirEZk24&google_push=AXcoOmQ6HcIFwwWiBOXlJQs3L2VczOSvbbdlIY7ti_EJUooW4ZmnWAVsE6...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIxNSk-2SxJySr9wirEZk24&google_push=AXcoOmQ6HcIFwwWiBOXlJQs3L2VczOSvbbdlIY7ti_EJUooW4ZmnWAVsE6Em9pAJX7REfHaiYGb2p8BHkASUSSBBKiJZDXN_cA

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6942-MXP
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700638368.777594,VS0,VE101
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIxNSk-2SxJySr9wirEZk24&google_push=AXcoOmQ6HcIFwwWiBOXlJQs3L2VczOSvbbdlIY7ti_EJUooW4ZmnWAVsE6Em9pAJX7REfHaiYGb2p8BHkASUSSBBKiJZDXN_cA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C1C
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHtxdFT8Cxw1x9hPyMhrneE&google_cver=1&google_push=AXcoOmS4P7qTQlUorlUtwgqnxCSOQeFVwD6KVxsSLDzhMlCh_1GyJA6qXwnCZyDVeg87DWmeBzWjR...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS4P7qTQlUorlUtwgqnxCSOQeFVwD6KVxsSLDzhMlCh_1GyJA6qXwnCZyDVeg87DWmeBzWjRvAsXAAvLInyGOuWRX3eSuQ

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS4P7qTQlUorlUtwgqnxCSOQeFVwD6KVxsSLDzhMlCh_1GyJA6qXwnCZyDVeg87DWmeBzWjRvAsXAAvLInyGOuWRX3eSuQ

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 07:32:47 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FD85F2E6AA454859B29A5F8466DC133E Ref B: ZRHEDGE0922 Ref C: 2023-11-22T07:32:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS4P7qTQlUorlUtwgqnxCSOQeFVwD6KVxsSLDzhMlCh_1GyJA6qXwnCZyDVeg87DWmeBzWjRvAsXAAvLInyGOuWRX3eSuQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKuLnLO+g1mXjcGDRXhg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C1C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPu2DdxCy9U0ET0lqWNLtes&google_cver=1&google_push=AXcoOmTipQin4dnLrudUMTsxLFVI4WFHkdIa00JoiynPA2TQH_8A0Q4lIAWfuC_L7bN7DVr7pYc93L9busaRTkO6...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-0ZljfnxRGohC1SUjyKn6g&google_push=AXcoOmTipQin4dnLrudUMTsxLFVI4WFHkdIa00JoiynPA2TQH_8A0Q4lIAWfuC_L7bN7DVr7pYc93L9busaRTkO6rsPnzW6gVHc

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-0ZljfnxRGohC1SUjyKn6g&google_push=AXcoOmTipQin4dnLrudUMTsxLFVI4WFHkdIa00JoiynPA2TQH_8A0Q4lIAWfuC_L7bN7DVr7pYc93L9busaRTkO6rsPnzW6gVHc

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 07:32:47 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-0ZljfnxRGohC1SUjyKn6g&google_push=AXcoOmTipQin4dnLrudUMTsxLFVI4WFHkdIa00JoiynPA2TQH_8A0Q4lIAWfuC_L7bN7DVr7pYc93L9busaRTkO6rsPnzW6gVHc
x-host: tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C1C
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESECCJfzsRZCGXPb_4PC4VwRg&google_cver=1&google_push=AXcoOmTSZgjV0RxpaQ-legwPOSOssoRCHg7ufS-v_us3WO0p0Jd3HwySM-lTS5d74THOrYwtWLGkc3D-IWOELXnZJCrL_0Assdo
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OGFDVXRpLTRCR2kydnVLQW9LNWRaUQ%3D%3D&google_push=AXcoOmTSZgjV0RxpaQ-legwPOSOssoRCHg7ufS-v_us3WO0p0Jd3HwySM-lTS5d74THOrYwtWLGkc3D-IWOEL...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OGFDVXRpLTRCR2kydnVLQW9LNWRaUQ%3D%3D&google_push=AXcoOmTSZgjV0RxpaQ-legwPOSOssoRCHg7ufS-v_us3WO0p0Jd3HwySM-lTS5d74THOrYwtWLGkc3D-IWOELXnZJCrL_0Assdo

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Nov 2023 07:32:48 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=OGFDVXRpLTRCR2kydnVLQW9LNWRaUQ%3D%3D&google_push=AXcoOmTSZgjV0RxpaQ-legwPOSOssoRCHg7ufS-v_us3WO0p0Jd3HwySM-lTS5d74THOrYwtWLGkc3D-IWOELXnZJCrL_0Assdo
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 242

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C1C
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESENN7QyjzEWX6r-aJ_YYRd-k&google_cver=1&google_push=AXcoOmQo9CXYx1GPgMwOrVnPv98gbVEXK1FO3oiG8O-xWV9gpGerf67u4oqOpsxIWEr8f19HouPxjTisZ0C7vxE9-sr8TjvFDQs
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855339880763&us_privacy=1---

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855339880763&us_privacy=1---

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855339880763&us_privacy=1---
content-length: 0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 1C1C 0
35 B 77ms
22ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJV0QaIrqnT32gmclS1ruxc&google_cver=1&google_push=AXcoOmS8g0Cf5AqruYycydGHzZdncpu_btVdFrrrEWxsvCRgGMBCrLy4hM84AjR4P0CnOb2mEdxu-IrJD2aa88YFxkkMWIM8setx
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame 1C1C
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEFt01k7bN605GAjRR4FFBB8&google_cver=1&google_push=AXcoOmQTqmfdzypXnSTJ81M4zYqMkNcy--7X0MaXtXBjN6o7Z7M_mZnULD7VhJr8oALAlPztwxf_du-RPeCJxS1ZLIxbmo_iP04
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQTqmfdzypXnSTJ81M4zYqMkNcy--7X0MaXtXBjN6o7...

43 B
921 B

69ms
24ms

Image
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQTqmfdzypXnSTJ81M4zYqMkNcy--7X0MaXtXBjN6o7Z7M_mZnULD7VhJr8oALAlPztwxf_du-RPeCJxS1ZLIxbmo_iP04

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 22 Nov 2023 07:32:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Wed, 22 Nov 2023 07:32:47 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQTqmfdzypXnSTJ81M4zYqMkNcy--7X0MaXtXBjN6o7Z7M_mZnULD7VhJr8oALAlPztwxf_du-RPeCJxS1ZLIxbmo_iP04
x-download-options: noopen
vary: Accept
content-length: 270
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C1C 0
50 B 29ms
28ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIYywlvLpBRO1ycOzkfq4yiFNprBR5rl49sZiIWUUJwYvl07teo7r_xH94PDhzDSVqQFjaa70

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 6E3A 49 B
493 B 344ms
148ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: VOkZJ2s02TaPfUE6szRFriVKftN1Xf8lXxDl-CTni44CjxwqJzduzw==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 246ms
120ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: c865243855d79999fd97d21577b469613c54b6eb5014d9f8a4f64a9a546f2a30

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=222f01c62c0a3953f4e957497a6ad375272c7a32cbe3f1e85e40d36cd2d70b76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: ade9a1ec8c852d6cf9d42e65d6fe57fffc1ca3d06f72f697b22681b8d7c84a24
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: c863a69d-40cc-4f8c-95b4-167d04232a4a
Content-Length: 133
x-amz-id-2: XeJJHOkUzSDraNiekWORQdLvtkkh82UdDCG73z+Z+7lHVj18JFoa4Q31PthOFD1/NnpwxFUusQo+n5Y9JrLoDaZSEcOH3xOw
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas
ads.yieldmo.com/ Frame D839 5 KB
0 48ms
47ms Document
text/html 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 22 Nov 2023 07:32:47 GMT
pragma: no-cache
vary: accept-encoding

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 6E3A 208 KB
61 KB 49ms
26ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 10:48:36 GMT
x-amz-cf-pop: FRA60-P5
age: 74652
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: BOOL4G5Z_FcIFpcvXAM4ehzOLw9MuCR_1YzwFTmgJHmnPwCnYh1_Qw==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 272ms
117ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 96bae9e4c43f1853af93f87123d3f9d9528ac83510cae59f6d5041c83f48f8ae

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=14a1688ccb223261be2defc76226e8ac7a5091e84ea170efb34ab283deeffa02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 05a983a5830456a750dee299e5499fca9ebb365a6612ff4e7b641f866795e95b
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e325949e-7a8f-db15-bef2-247e7e18ba9f
Content-Length: 133
x-amz-id-2: pT5nBhYFVPuCB4FXeiDXVXaSNTeZMdZKsC+Py8TQJmxzfb7tZ2TRJLwekMgqtfcoekB40t44S7I7su0I1cfa3zDfhOZayl5I
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 362ms
119ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:47 GMT
x-amzn-RequestId: dd9e256e-6203-35de-8049-95b1fed1a834

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 343ms
115ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:47 GMT
x-amzn-RequestId: f400711d-2e41-382f-a9d7-c1c2b293a5c5

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2978
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTr...

43 B
453 B

186ms
185ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b08891cf0f4-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 186
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWVhN6i0J4DhzQB8XQoM5X9Ryu1cee8BZcUGMizTvjzARUvU__NTKbbwTHreAXJSmzFqC4u-WmcxxIn69qPmwDkSHoxTrm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b072fb4f0f4-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2978
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRs8p_qan5j0k3LrFIWJz5MhlZquGXcc_Xc0THtf6H_693YDYuU4rs5qF9UMH4eoUq-ZwnzqC7RDvqbDbEMmq3p...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRs8p_qan5j0k3LrFIWJz5MhlZquGXcc_Xc0THtf6H_693YDYuU4rs5qF9UMH4eoUq-ZwnzqC7RDvqbDb...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433831121954712&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==
date: Wed, 22 Nov 2023 07:32:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2978
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSJ5p...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmSJ5pQUSqvmXDnwmrBQe718sdeXJCQJIxTwsRjqjMcpKyuBp2BSwVzIcVr2C76RUDTWETL9-g1oL1z2...

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmSJ5pQUSqvmXDnwmrBQe718sdeXJCQJIxTwsRjqjMcpKyuBp2BSwVzIcVr2C76RUDTWETL9-g1oL1z2t0QRNs2Lk7CYwSw2

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmSJ5pQUSqvmXDnwmrBQe718sdeXJCQJIxTwsRjqjMcpKyuBp2BSwVzIcVr2C76RUDTWETL9-g1oL1z2t0QRNs2Lk7CYwSw2
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 672094
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2978
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRdIwUWqxLL1sX4s3Jp5XJFhy6opcvSlNRZ7NsRZqfgeo04DksFcnNNZ39-Ez3RucUI7kvVU7lJeObnGEY1zkNu-uNZdto

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRdIwUWqxLL1sX4s3Jp5XJFhy6opcvSlNRZ7NsRZqfgeo04DksFcnNNZ39-Ez3RucUI7kvVU7lJeObnGEY1zkNu-uNZdto
date: Wed, 22 Nov 2023 07:32:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2978
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTfDSrASi9LbYHG4aQIf83-kzhbEMhkMGTZOUCDLpoF7VuV6GerWKC84-tJekC3u59kKqxp8aVwyq...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTfDSrASi9LbYHG4aQIf83-kzhbEMhkMGTZOUCDLpoF7VuV6GerWKC84-tJekC3u59kKqxp8aVwyqLZN88OXshmyVvxUqnT&google_hm=a243d255-16dc-4264-9e...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTfDSrASi9LbYHG4aQIf83-kzhbEMhkMGTZOUCDLpoF7VuV6GerWKC84-tJekC3u59kKqxp8aVwyqLZN88OXshmyVvxUqnT&google_hm=a243d255-16dc-4264-9ee5-cfe071bb6d30

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-35
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTfDSrASi9LbYHG4aQIf83-kzhbEMhkMGTZOUCDLpoF7VuV6GerWKC84-tJekC3u59kKqxp8aVwyqLZN88OXshmyVvxUqnT&google_hm=a243d255-16dc-4264-9ee5-cfe071bb6d30
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2978
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNz...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNz...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNzdl3xQxlmgLS&google_hm=HspkpGZHXCEtjKfnQregqtlM

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNzdl3xQxlmgLS&google_hm=HspkpGZHXCEtjKfnQregqtlM

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 07:32:47 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSc5ESzMVKJ2aL-7Fo8p0jBG_crnpqEgG-K1zouiqvIVz7HERJSTIm1GlNVe6aAQKtAjoxFDdVh1hCb-CZNzdl3xQxlmgLS&google_hm=HspkpGZHXCEtjKfnQregqtlM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2978
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx6
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx6

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmSkNMt-1aYWgZH5niG1kVlsFr7hLhdRZFkv_iKEh9iMTT-83Kvi64smoGmSqtaU9nDJeRqzto_UurPqxT0e0gfxbkudHRx6
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2978 0
12 B 32ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJeJ1Kq0PxA6mUrSqd1VdH74gklOhSacDzLHiJV1ceU2xicRFecRtPHoF3ylDAfvaMlAUE

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EAA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_u...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82BeQ40h8&google_hm=3DpI-skNR3qWj3MHlipBMA==

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82BeQ40h8&google_hm=3DpI-skNR3qWj3MHlipBMA==

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSrxDMBMYVvXAPSCDEUaZ9nqLwYpk1yXvKR6LPsim0FkTYfuunVXq3IxAnj-LDLlC7qC7mundZMLz6o_uuLXc82BeQ40h8&google_hm=3DpI-skNR3qWj3MHlipBMA==
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EAA
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT1b_...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT1b_iP1lhdK_bmSLbJteJKR5rj_iKyELwNjuWX8NXgmBcXgezLWTpCbgNYUiwGCdsEIzWhfK37RUFB...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT1b_iP1lhdK_bmSLbJteJKR5rj_iKyELwNjuWX8NXgmBcXgezLWTpCbgNYUiwGCdsEIzWhfK37RUFBuBkOuZseWUyQU2E

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT1b_iP1lhdK_bmSLbJteJKR5rj_iKyELwNjuWX8NXgmBcXgezLWTpCbgNYUiwGCdsEIzWhfK37RUFBuBkOuZseWUyQU2E
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1078022
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EAA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmTrVT82oLOwyfBFovoyWQscLRMVQ9knA6j1iIanjNnRxpz87l5szSfQpfb9rgoP7RlNPUyFW1Tm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmTrVT82oLOwyfBFovoyWQscLRMVQ9knA6j1iIanjNnRxpz87l5szSfQpfb9rgoP7RlNPUyFW1Tm...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmTrVT82oLOwyfBFovoyWQscLRMVQ9knA6j1iIanjNnRxpz87l5szSfQpfb9rgoP7RlNPUyFW1TmqlIuxYnOvQn1dm3bRFI

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmTrVT82oLOwyfBFovoyWQscLRMVQ9knA6j1iIanjNnRxpz87l5szSfQpfb9rgoP7RlNPUyFW1TmqlIuxYnOvQn1dm3bRFI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EAA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmRCN1GI00iEboB5fH_e1iKrV_L8ZgG96...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmRCN1GI00iEboB5fH_e1iKrV_L8ZgG96wtBFf2TyvKgR9fkgpLjkZC3Gc5WbjxjlZEOBNcNgOKCUqaHfcg23gVBA58Uew

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yv%2F5XUl1cnF6cXMWttYKD88SPZFrm8ruItKcKsKDnKH27AzbVSQAA6fLNb51PVEIZ65Nfy7O4e0eQ3emgjcmV2AZrVzq4Oc4GnX7zxy%2F1NB1QWr%2FHKI2%2FqnCjwsH3whFD4Z7Fl9qAtRB6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmRCN1GI00iEboB5fH_e1iKrV_L8ZgG96wtBFf2TyvKgR9fkgpLjkZC3Gc5WbjxjlZEOBNcNgOKCUqaHfcg23gVBA58Uew
cache-control: no-cache
cf-ray: 829f7b079f5424c2-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EAA
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmSLmg533PPFBZLd043kSt1Zz8gOidP8yYR2Aaxijd363apiTXaSCesn1oGZ7KIStPaQiQ_A6lBarKo0rpUcZZlUwnPcD7Y
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLmg533PPFBZLd043kSt1Zz8gOidP8yYR2Aaxijd363apiTXaSCesn1oGZ7KIStPaQiQ_A6lBarKo0rpUcZZlUwnPcD7Y&google_hm=M0ZTcjEzM3Z2UTMxbGx6W...

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLmg533PPFBZLd043kSt1Zz8gOidP8yYR2Aaxijd363apiTXaSCesn1oGZ7KIStPaQiQ_A6lBarKo0rpUcZZlUwnPcD7Y&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSLmg533PPFBZLd043kSt1Zz8gOidP8yYR2Aaxijd363apiTXaSCesn1oGZ7KIStPaQiQ_A6lBarKo0rpUcZZlUwnPcD7Y&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EAA
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJx...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRjGD3gvinAgjJqRtq6p7Z0O3UGHVojcgHGjX3hc42uyBPuCuJxdTpX1Aha2Tn1xDJJ1scLKxQdpHslweSkpKqjXYLD4lY
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 6EAA 0
34 B 30ms
24ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJV0QaIrqnT32gmclS1ruxc&google_cver=1&google_push=AXcoOmQGChNr6I4SyQ0AedTlTwZNdjO0a_F3Ia4p6qLBzavws17DYxIWtQOHy7BO75Z5KmuH8_Vs01JSP2lQjpxD8_gY1QoCP13B
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6EAA 0
12 B 39ms
35ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOZs1AlQv_ulO8C2LVMXZBxSM0A2IsQd-pnMZToZetX0q90buxub9MJWAPBP8iOlKUsnJdhg

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E8DC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3...

43 B
533 B

187ms
186ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b08891ef0f4-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 37
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTa9OhIobmdcyjJfaES-Rh-4ARlfPq7lVZ769BrhNq7zSG2c5iYMVIKDd9fHDfIlhUqid6jtRXaQ59d4h0QmbZD9BKfzn3N%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b073fb5f0f4-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8DC
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTE2B...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmTE2Bnuq5EQbnCpu-oWoDKTHNLEfEvh2-bclX0msRrl-43ODJn36SmHZudeEzvIHzR_mYgDF5dgNFQA...

170 B
188 B

56ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmTE2Bnuq5EQbnCpu-oWoDKTHNLEfEvh2-bclX0msRrl-43ODJn36SmHZudeEzvIHzR_mYgDF5dgNFQA7Ogt04BS4ZR6k1Vc

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmTE2Bnuq5EQbnCpu-oWoDKTHNLEfEvh2-bclX0msRrl-43ODJn36SmHZudeEzvIHzR_mYgDF5dgNFQA7Ogt04BS4ZR6k1Vc
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 934885
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8DC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmSCkV4OG6ZS-RkJv30Tk9tFls0HBOLan5KKhK_1WUDSxaUY4UPB4aqyU0qUS2BYQt084x6ypP8W...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmSCkV4OG6ZS-RkJv30Tk9tFls0HBOLan5KKhK_1WUDSxaUY4UPB4aqyU0qUS2BYQt084x6ypP8W...

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmSCkV4OG6ZS-RkJv30Tk9tFls0HBOLan5KKhK_1WUDSxaUY4UPB4aqyU0qUS2BYQt084x6ypP8WBJq5iOBS8xWntU3m59FD

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmSCkV4OG6ZS-RkJv30Tk9tFls0HBOLan5KKhK_1WUDSxaUY4UPB4aqyU0qUS2BYQt084x6ypP8WBJq5iOBS8xWntU3m59FD
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8DC
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_cver=1&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTl...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTl...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTlmieK_mUc1uL7RiZ&google_hm=d1N6Nnp6T04ydUpHY3FF...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTlmieK_mUc1uL7RiZ&google_hm=d1N6Nnp6T04ydUpHY3FFRmdadnQ=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:48 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRB99MzjCg75bCw0gYqaVHWoz4vb5jUa4nxN0i1XwtlZnmbZT5ExaLY9l-OHfKMfCjcDGD4XHBUxiKTlmieK_mUc1uL7RiZ&google_hm=d1N6Nnp6T04ydUpHY3FFRmdadnQ=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8DC
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTWeELF8Ox-OyXk8fSmalEarcxQU7hYhJ6YhoXOHxd8MkTMKCn0_wj81mAhgj1qM-OtGIcepDv2Ua...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTWeELF8Ox-OyXk8fSmalEarcxQU7hYhJ6YhoXOHxd8MkTMKCn0_wj81mAhgj1qM-OtGIcepDv2UaE1bwlDTDstWvVLcVIZ&google_hm=4a5b2e35-fb4b-46c2-94...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTWeELF8Ox-OyXk8fSmalEarcxQU7hYhJ6YhoXOHxd8MkTMKCn0_wj81mAhgj1qM-OtGIcepDv2UaE1bwlDTDstWvVLcVIZ&google_hm=4a5b2e35-fb4b-46c2-9475-3528217c8022

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-130
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTWeELF8Ox-OyXk8fSmalEarcxQU7hYhJ6YhoXOHxd8MkTMKCn0_wj81mAhgj1qM-OtGIcepDv2UaE1bwlDTDstWvVLcVIZ&google_hm=4a5b2e35-fb4b-46c2-9475-3528217c8022
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8DC
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmRrVoR2b3bQTcpIwNyj7pPdU38Y8a4b6A-FM1bxeWpvgIvuy0w5GSLLtJI_SK74e_6Sx367JaF1dLau_7MeckE8oGMdvyI
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRrVoR2b3bQTcpIwNyj7pPdU38Y8a4b6A-FM1bxeWpvgIvuy0w5GSLLtJI_SK74e_6Sx367JaF1dLau_7MeckE8oGMdvyI&google_hm=M0ZTcjEzM3Z2UTMxbGx6W...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRrVoR2b3bQTcpIwNyj7pPdU38Y8a4b6A-FM1bxeWpvgIvuy0w5GSLLtJI_SK74e_6Sx367JaF1dLau_7MeckE8oGMdvyI&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRrVoR2b3bQTcpIwNyj7pPdU38Y8a4b6A-FM1bxeWpvgIvuy0w5GSLLtJI_SK74e_6Sx367JaF1dLau_7MeckE8oGMdvyI&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame E8DC 0
34 B 28ms
26ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJV0QaIrqnT32gmclS1ruxc&google_cver=1&google_push=AXcoOmTyO7E5-HGda0ZiDytTsZ0VU4BVuycsRDyfoz3LTTH_Oz9b7bNsXIcDelfwBVNaXf8RzJBvPQoJVbj0sPMMLyFbYMjI1ZUBxA
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E8DC 0
12 B 35ms
34ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INL_Lj55qBEQF1bUWz70lNxLivp-K_0cK233QCHkbnPSu6JrNlp0f4z3-93q18bT-M-AOAVQ

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 6F97 49 B
493 B 111ms
111ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: LS6PhDZAPaSjFBGJ71zeCFrwpD8DthhzIklFkB6ZT0SbfRKyOosFiw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 280ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: d3de97e7-faa3-5ac8-8e09-27076671c722

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6F97 133 B
569 B 281ms
122ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 85912f64836b944ce5980d0c14b5b08705967f84e6d6ab852f7641628f0545af

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=36aa0f160a5f63adf78abba0f50189530d53d4ebab81cf768eb6b0829266b14d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 205c197622060cb9693576d6743c9a0006fbc76c3ede83ca6d40beb268b2305e
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f6aa9a26-147d-ea56-ab7d-2ac610ea8bdc
Content-Length: 133
x-amz-id-2: fqUSOZjDk47HRYOCGwHmYs8vfltcXxxb6VBGRalp3ZjN/gmbflIySo0awERzX87LNwXzlLPkREwkwKHGuVvANX3N1uAS5MFX
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 3059 0
0 48ms
44ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:47 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 262ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f1b2698e-6423-e38f-ac65-d96ef8f17e65

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 6F97 208 KB
61 KB 25ms
24ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 10:48:36 GMT
x-amz-cf-pop: FRA60-P5
age: 74652
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: qwriKtx-iUkH_cjxCT-dIZCUTul7cOh_h8cKsixhLzpQDf5BScowHQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6F97 133 B
569 B 290ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 4fd5a8bfa052cba6133543ae307b33a3910d1fe5f178d30e448a35c139fa071b

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=92b17dfe92c813fec15d1e53a5a9f31f7756631ad292e490e61b3bdda7467b74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 1f4605fee6ad8bdf802138f989cedb716b8c2cd058300b0c3af3b70b8a4ba20d
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f46641b4-30f6-c731-a9b1-f1543461a6bb
Content-Length: 133
x-amz-id-2: LxHczTGQHjCqb0EydulaGNd6XQ1f9URLuTAWf5/B540HF2BTMfb2JMLOOUOthJLT74b4dau1wPJjHQb4941bZIJHP/ilXqYc
Content-Type: application/x-amz-json-1.1

GET
DATA 200
OK truncated
/ Frame 6E3A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ef1d30f7e992de55352af06ac87f98c63c17def06e8a036727a9b5c1576a3b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 2533 49 B
493 B 33ms
25ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: NBmpHkXnztQpU2xyNP83ZuO7Rl1-WWe1fAY0cKJ4VI3tAJNbqTJZNQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 247ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: d5c7b0f8-c965-5dc2-8810-0018cdf23c48

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 2533 133 B
569 B 288ms
117ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 8d253bab413655d49ac0a53400f60ef2673a6842f26e59c25e5f3680b37c2af0

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=fab022d25deb5f97d9919100c3c7cabecd01d9105135e2bdc18e0f2039cf0c9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0a77d2c78a9709aa7698847572eed5b88df8d38399bd1c5e5065cff3c0e6b8fe
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: fb4da9ac-a13b-a18c-a69a-194c3de93c66
Content-Length: 133
x-amz-id-2: yoLlViZx/5bshdVJBraEVUqlPdg22RCdiYMgk0jTKhPHJkP3RGdID86x2y8uF7wd0jGZJqAoZy2pg5XnMSLkfF3zC0JsC5Mr
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame DAB7 0
0 45ms
41ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:47 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 252ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f40b6b48-c6b5-dec2-a9dc-dba8532c9d05

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 2533 208 KB
64 KB 25ms
25ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 12:12:59 GMT
x-amz-cf-pop: FRA60-P5
age: 76426
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: dsoO88KKhecDS_dX3ruSI-B7i-3THq6p6_gTh4W6xLCd8vxf0ZYQoQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 2533 133 B
569 B 278ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 9092189a0058ff54780839ae3e2e088986b498b5207e3be214b6f5f2ff4b8715

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e5ed1218357cddcdf0a6310a6649974cf5fae575339d87e24628d637d6fce664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: e9df74a515100c8b396d8351deddef66c325f67913e2e027b122e50b1ae7904e
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: fb1fad7f-f692-cfc9-a6c8-1d9f6a405223
Content-Length: 133
x-amz-id-2: yyAiYXcKN5tqtbPws5b3EnUFOKCMpFy44OYE8c6hqcIKu9gjKev/DkCOdGDg2nBJgXtKEmtOwAxZxKRXiC0J36Rsvj6F+9Py
Content-Type: application/x-amz-json-1.1

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C009
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarn...

43 B
428 B

986ms
986ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b095a0af0f4-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 81
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQctGANvJK5GG4TWNN97JZEA1CKxgvj60hPZsunV_hWWX9tnTlersnJrE6NypNxQG6aFI0efN5jqa5M00ol-qoKoMkxarny%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b07a82ef0f4-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C009
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2Xvx...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQ-lY1VTLjMslRzODNf5ct0HXPAs2WZaIJF-TYVm-4o5FCgrDqzLj9tGd9iRq462eVg5CpkAP6Iz-CPJGIO2XvxJntN6pU&google_hm=3DpI-skNR3qWj3MHlipBMA==
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C009
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT6Va...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT6VaFz3YE-Z9kRxHp8bEJXzKtz1BGO2jK1vniyAUktfiuLlHku0iLGkwmfLDU9VOh5lKLtJ6RtHTnQ...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT6VaFz3YE-Z9kRxHp8bEJXzKtz1BGO2jK1vniyAUktfiuLlHku0iLGkwmfLDU9VOh5lKLtJ6RtHTnQxcvJZbgxhT0F6_k

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmT6VaFz3YE-Z9kRxHp8bEJXzKtz1BGO2jK1vniyAUktfiuLlHku0iLGkwmfLDU9VOh5lKLtJ6RtHTnQxcvJZbgxhT0F6_k
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 630877
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C009
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSoan41Jp0kEMBvlafTeuTCbWYn40FH3kbSoE0Kwp2xLa22pVGAF2FsVaJ7PE3NA4H4V0EgwlAjxb...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSoan41Jp0kEMBvlafTeuTCbWYn40FH3kbSoE0Kwp2xLa22pVGAF2FsVaJ7PE3NA4H4V0EgwlAjxbIdu5QrcX8tprJ7eQVE&google_hm=dd351fb4-19db-4585-b2...

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSoan41Jp0kEMBvlafTeuTCbWYn40FH3kbSoE0Kwp2xLa22pVGAF2FsVaJ7PE3NA4H4V0EgwlAjxbIdu5QrcX8tprJ7eQVE&google_hm=dd351fb4-19db-4585-b2cd-76af2ce8d523

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-40
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmSoan41Jp0kEMBvlafTeuTCbWYn40FH3kbSoE0Kwp2xLa22pVGAF2FsVaJ7PE3NA4H4V0EgwlAjxbIdu5QrcX8tprJ7eQVE&google_hm=dd351fb4-19db-4585-b2cd-76af2ce8d523
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C009
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmRKMqpnKhuXa2hexMOBk3o-UEERvkpvob96fyrfmUp7x6OzPS-CW74dLMKZXaMgEiIx74ehezIzbMi0qOYIS...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRKMqpnKhuXa2hexMOBk3o-UEERvkpvob96fyrfmUp7x6OzPS-CW74dLMKZXaMgEiIx74ehezIzbMi0qOYISKTQRglM1fDQ&google_hm=HspkpGZHXCEtjKfnQregqtlM

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRKMqpnKhuXa2hexMOBk3o-UEERvkpvob96fyrfmUp7x6OzPS-CW74dLMKZXaMgEiIx74ehezIzbMi0qOYISKTQRglM1fDQ&google_hm=HspkpGZHXCEtjKfnQregqtlM

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 07:32:47 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRKMqpnKhuXa2hexMOBk3o-UEERvkpvob96fyrfmUp7x6OzPS-CW74dLMKZXaMgEiIx74ehezIzbMi0qOYISKTQRglM1fDQ&google_hm=HspkpGZHXCEtjKfnQregqtlM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C009
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-aed4d127-19e6-4301-9d16-4d3596549d75-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRa9mLE835fnFUcqXxJV...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4&google_hm=A67U0ScZ5kMBnRZNNZZUnXU

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4&google_hm=A67U0ScZ5kMBnRZNNZZUnXU

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRa9mLE835fnFUcqXxJVO3pXFyEjcNra58QfEVIKc6PBvXkSyUrnP4H6ZXMCtKNJYOQh3FiAksnRU8FHquiiS0XISu6EO4&google_hm=A67U0ScZ5kMBnRZNNZZUnXU
date: Wed, 22 Nov 2023 07:32:48 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXaed4d12719e643019d164d3596549d75003
content-type: text/html

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame C009 0
34 B 26ms
25ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJV0QaIrqnT32gmclS1ruxc&google_cver=1&google_push=AXcoOmSySX2W5LyuEajcyT_ecvrBlQlREVKoWoFtETPzgAtvvzVdkB9WhkK3Y5ITLnzyPfDhh5LBiBJDUuEXwRJtabb6O2RNdf5pPA
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C009 0
12 B 30ms
30ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kr0immRRrKUjSTMSCGAy2HJ8ojoA0HRESvz8J6GabOJqItq7vfGIFtAlZ8QNeZYasOEueHBw

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 256D 49 B
492 B 24ms
24ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: uUrdtAZwMr2fVzSZfr8yngByec0B53kyzTw_LzBOxU-cCKtWFcgnjQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 263ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: fef8ae0c-0d8a-7e78-a32f-1eec9158e392

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 256D 133 B
569 B 298ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 30e05e41a50fd1b6f788d1c6b39b0f59303e3a4f04796920b8751462169915d7

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=231d52c108ab3894a712e0775537e537f09edee5d1368d49e380a2c00e73ee22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0676041eee71e825a018b80e41b0cf24905c2e571c637799dfc1b608ecab9478
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: efd62640-7306-2e04-b201-96a077914f8e
Content-Length: 133
x-amz-id-2: 6EqtWdYz4Axnxa3mgoVV4h53e4x6YoCJQAxnVPxGwMpSbnzoFvEx5/3Im5l5wqHVLXKEI734Axbs17hx3fTQ7GvuUt5rMTQA
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame B9F8 0
0 46ms
45ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:47 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 251ms
116ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f09a9d39-6e04-abef-ad4d-2dd9f2d63605

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 256D 208 KB
64 KB 27ms
24ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 12:12:59 GMT
x-amz-cf-pop: FRA60-P5
age: 76426
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: X9dCGv6EuT5tuNQQcQXUNRadQkFq_o5YP48ywMJutSWHs7g1tJamsw==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 256D 133 B
569 B 304ms
122ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: c29917f0cc65b2c9d60e116ac9f83af6148eded94e8fc53be669f2fcae61ffb3

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f55d18682041c6414e9b501aa7b714aa0d5bafc9d4609edbe5aa79eb90ceabee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f618daf0e49728952e1bef8097b038c1cf6f235656b61ac0ab049d0407d45c25
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: c9e24955-097a-332c-9435-f9b59ce370eb
Content-Length: 133
x-amz-id-2: lcpTTu0gXhmpwoxwYxOHK4ISu9fD/QZbC2dDBSAREVjIqy/axcB7CqJX7YHVaUdqsv6Ll+h6JT4E8z864dtC4wKxULN5OSs+
Content-Type: application/x-amz-json-1.1

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0D9F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatM...

43 B
391 B

182ms
181ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b095a13f0f4-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 124
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrTZb3Wl3lmXUeR8L4iP-c0MjdH3XtJjuIod_He_2IBp5b6vOum8NQG38i6PjtqpSnSTNNR1oIF67I_E-O8a2g2jUjatMv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 829f7b07f892f0f4-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmQCRvs2PufU228O6ATgMpaVsSiLlxaQkOHjOi7ywOUT3UIpDqBtQ3Se8cP1J6IcdorUTqg9bZmS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQCRvs2PufU228O6ATgMpaVsSiLlxaQkOHjOi7ywOUT3UIpDqBtQ3Se8cP1J6IcdorUTqg9bZmS...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQCRvs2PufU228O6ATgMpaVsSiLlxaQkOHjOi7ywOUT3UIpDqBtQ3Se8cP1J6IcdorUTqg9bZmSJN4LT0WRK-f9lrUg71QB

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQCRvs2PufU228O6ATgMpaVsSiLlxaQkOHjOi7ywOUT3UIpDqBtQ3Se8cP1J6IcdorUTqg9bZmSJN4LT0WRK-f9lrUg71QB
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRhMe0NWEoyB57AvDkmQvM6Rq60g3MgQkxjLyLJehgUhuGEnaWsugxkwkfe8qu0IniaNjSDtB2EstFNd_QtZc1snS9v89FBjA

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRhMe0NWEoyB57AvDkmQvM6Rq60g3MgQkxjLyLJehgUhuGEnaWsugxkwkfe8qu0IniaNjSDtB2EstFNd_QtZc1snS9v89FBjA
date: Wed, 22 Nov 2023 07:32:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9F
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQNbIbcmCXhw2mVlawctvK_P-Bpdw6uQQLSdLfNaURJrnJYwVNbtE5BrDJn7rrjSfNjCZtOxV994u...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNbIbcmCXhw2mVlawctvK_P-Bpdw6uQQLSdLfNaURJrnJYwVNbtE5BrDJn7rrjSfNjCZtOxV994uPvLNsetHqE5Jhfbxh6EA&google_hm=fb3e05b1-3bd4-4f62-...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNbIbcmCXhw2mVlawctvK_P-Bpdw6uQQLSdLfNaURJrnJYwVNbtE5BrDJn7rrjSfNjCZtOxV994uPvLNsetHqE5Jhfbxh6EA&google_hm=fb3e05b1-3bd4-4f62-b7a9-214207b3a468

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-170
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQNbIbcmCXhw2mVlawctvK_P-Bpdw6uQQLSdLfNaURJrnJYwVNbtE5BrDJn7rrjSfNjCZtOxV994uPvLNsetHqE5Jhfbxh6EA&google_hm=fb3e05b1-3bd4-4f62-b7a9-214207b3a468
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmRvpfPjgI4aqEHSz3LDv32568Id26b0f7pl1G6VrDF2rNdqFMz_Yr-N9ekf1l9Qx_dBe2x6cYEw0hIpa7W5D...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRvpfPjgI4aqEHSz3LDv32568Id26b0f7pl1G6VrDF2rNdqFMz_Yr-N9ekf1l9Qx_dBe2x6cYEw0hIpa7W5Dlm3Y5beS3eaNw&google_hm=HspkpGZHXCEtjKfnQreg...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRvpfPjgI4aqEHSz3LDv32568Id26b0f7pl1G6VrDF2rNdqFMz_Yr-N9ekf1l9Qx_dBe2x6cYEw0hIpa7W5Dlm3Y5beS3eaNw&google_hm=HspkpGZHXCEtjKfnQregqtlM

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 07:32:48 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRvpfPjgI4aqEHSz3LDv32568Id26b0f7pl1G6VrDF2rNdqFMz_Yr-N9ekf1l9Qx_dBe2x6cYEw0hIpa7W5Dlm3Y5beS3eaNw&google_hm=HspkpGZHXCEtjKfnQregqtlM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0D9F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmTCrGqUdH4Pgi7XnV37aMWexi3YKP1NoMGd66VKyPnSwekMJqyNjud2rkhWwpvACzi8GuuNciU6yc3faN07TiQyvxN4WsCa
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTCrGqUdH4Pgi7XnV37aMWexi3YKP1NoMGd66VKyPnSwekMJqyN...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTCrGqUdH4Pgi7XnV37aMWexi3YKP1NoMGd66VKyPnSwekMJqyNjud2rkhWwpvACzi8GuuNciU6yc3faN07TiQyvxN4WsCa

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTCrGqUdH4Pgi7XnV37aMWexi3YKP1NoMGd66VKyPnSwekMJqyNjud2rkhWwpvACzi8GuuNciU6yc3faN07TiQyvxN4WsCa
date: Wed, 22 Nov 2023 07:32:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 0D9F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmSkqRjAIKvI_-RXwaqGvbGrovhM-fyyUHSAxaM4MXwY8JcxxG8rKIYFeskCLAZu8DHYVnM2R0mizzl...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkqRjAIKvI_-RXwaqGvbGrovhM-fyyUHSAxaM4MXwY8JcxxG8rKIYFeskCLAZu8DHYVnM2R0mizzlfUTqUbE5BUE6_vi3qVlU
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

24ms
21ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0D9F 0
12 B 33ms
30ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAizNhRRC8BpJuoVFl2kgbY7Bn_ypSvD0hJ1SQYnJLP79d4Jt20MFHn8VqwEi9sro3pN3NXA

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame E4C8 49 B
491 B 32ms
25ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: 0VhbA6tyu2r1pBaZTC48qVprd4a5hV5XtA8QMEvpq3dauAWD0HT_sQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 272ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e13421bc-e020-c82d-bce3-915ce4b7a9a7

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E4C8 133 B
569 B 294ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 8065a1611128253a5d241c8322c3d8d6fa44130970063c666678625c96fe0910

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=913f39a297629eed1ca677b3234d1424e1a295e27d274272a7451b51f88599c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 809dc39ea4eb7ba83c31d99ea1bc2e64337fd1426fc397c585f4faa7f5a6011c
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073247Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: c091ae50-90f2-e1fb-9d46-1eb00c207c11
Content-Length: 133
x-amz-id-2: V/oilhW1o1u07V8llYdGwjoPQjPsthGlGQl/6qkjsfFKos45yUxoWRSo+yH1IvGLxqFq8nCMjH2r68W9TEPjFg14z2zihJUY
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 68E7 0
0 44ms
43ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:48 GMT
pragma: no-cache

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame E4C8 208 KB
64 KB 28ms
27ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 12:12:59 GMT
x-amz-cf-pop: FRA60-P5
age: 76427
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: 0y-5HjoM_udQWk2cww-3iRcn6cB_ay4b6tAAv6alsbcYj9cAlFdOpg==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E4C8 133 B
569 B 284ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 5d3841cd551648f6c0770cb8e59f7b5c6323abe4e9a86e063f4f81f20a5aa92b

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6df6cd4109d739c2fd6214948d68b8b81763bba3a525c01adbe68d6bcc4a8523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: d81e3bf84283190d062a3f4fe8f83dd7b8032bb698b540a6627f14cd292ac5b9
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: ef34fc79-3ca4-50a4-b2e3-4c99784b3562
Content-Length: 133
x-amz-id-2: CPL3w5DMA6kiYSPYmcEUuGH2TVPIRjpIDXoqpDIQj1v3N+jyggCao5cjA3f1CslquQTN3iQi1UNQc8r07qyGhNVs2nwH0oXL
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 278ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: dc9c8b52-aca1-4e94-814b-3bb239380d53

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 091C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQOLQYGkjrxuMtVUieJKIQeDECgqtUfEiu7Arqc2Xw0LER6YXwddwXgGmHco8Bf7h58UmyFhMgPNhIWqgKqjsJAbs6rBR7sFg

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQOLQYGkjrxuMtVUieJKIQeDECgqtUfEiu7Arqc2Xw0LER6YXwddwXgGmHco8Bf7h58UmyFhMgPNhIWqgKqjsJAbs6rBR7sFg
date: Wed, 22 Nov 2023 07:32:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 091C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmTeyNtcOS3WfDmgg2TBbqpH_OcZk4h6F...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmTeyNtcOS3WfDmgg2TBbqpH_OcZk4h6FQ9FXeV9MrX_z7NRM5Y_K4_rncch99WuBy4eZCrLXeWBAhWdts40x0JfWFaOuz04

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9FKeC6hlYkhTpgD12Yqw0hMc9ma8StuVwa981t1Kl6ZDuicernVCK6NWrdY723CVEObcs7hkFHnYtvUR9SMRtH1qrinMMRDPC1FR1N5c77cffRTIeW%2BORdJL5Ug8ceNJ8KZKZpuQ14Dxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBnW-YAIXVunezVi_etPf8Y&google_hm=ZV2unyIIgauQTeblnfMpnwAABIoAAAIB&google_nid=index&google_push=AXcoOmTeyNtcOS3WfDmgg2TBbqpH_OcZk4h6FQ9FXeV9MrX_z7NRM5Y_K4_rncch99WuBy4eZCrLXeWBAhWdts40x0JfWFaOuz04
cache-control: no-cache
cf-ray: 829f7b083d3301eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 091C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmQvpxn0JMwvOksYVqgkcA6X3ZG9675LukkitU70b2Z9kRN-l0wMByFF8Ebs4syKhLamekgaA_QntZkNjOyIn...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQvpxn0JMwvOksYVqgkcA6X3ZG9675LukkitU70b2Z9kRN-l0wMByFF8Ebs4syKhLamekgaA_QntZkNjOyIn75vo1Ef8SNHXw&google_hm=HspkpGZHXCEtjKfnQreg...

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQvpxn0JMwvOksYVqgkcA6X3ZG9675LukkitU70b2Z9kRN-l0wMByFF8Ebs4syKhLamekgaA_QntZkNjOyIn75vo1Ef8SNHXw&google_hm=HspkpGZHXCEtjKfnQregqtlM

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 07:32:48 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQvpxn0JMwvOksYVqgkcA6X3ZG9675LukkitU70b2Z9kRN-l0wMByFF8Ebs4syKhLamekgaA_QntZkNjOyIn75vo1Ef8SNHXw&google_hm=HspkpGZHXCEtjKfnQregqtlM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 091C
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmRHvcIq7wZOtaTTKOnGsWEmb5Bjzbb7-PZHFVynuL0GoPVEFohR5YLq3UAC2_nak96mzxAk97zt_nCIBI_TnFcXFN9DpXSYhg
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRHvcIq7wZOtaTTKOnGsWEmb5Bjzbb7-PZHFVynuL0GoPVEFohR5YLq3UAC2_nak96mzxAk97zt_nCIBI_TnFcXFN9DpXSYhg&google_hm=M0ZTcjEzM3Z2UTMxbG...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRHvcIq7wZOtaTTKOnGsWEmb5Bjzbb7-PZHFVynuL0GoPVEFohR5YLq3UAC2_nak96mzxAk97zt_nCIBI_TnFcXFN9DpXSYhg&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRHvcIq7wZOtaTTKOnGsWEmb5Bjzbb7-PZHFVynuL0GoPVEFohR5YLq3UAC2_nak96mzxAk97zt_nCIBI_TnFcXFN9DpXSYhg&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 091C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmS-eswttGIxgMBoWwnTLA6RY9m8PZ6FydPjW35_bqgLjyFDKAlEPmfSVwLt-nM65v964a4x7na3xntNuevNRXOGBMSMep...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmS-eswttGIxgMBoWwnTLA6RY9m8PZ6FydPjW35_bqgLjyFDKAlE...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmS-eswttGIxgMBoWwnTLA6RY9m8PZ6FydPjW35_bqgLjyFDKAlEPmfSVwLt-nM65v964a4x7na3xntNuevNRXOGBMSMepmwQA

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmS-eswttGIxgMBoWwnTLA6RY9m8PZ6FydPjW35_bqgLjyFDKAlEPmfSVwLt-nM65v964a4x7na3xntNuevNRXOGBMSMepmwQA
date: Wed, 22 Nov 2023 07:32:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 091C
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmSGkhn8PHaz31N_0OoD_5d_TufHaPL8nn6ePIdoU0hP8WuSYtCXelw4r3Q5Tc1s2HkhLSST0VDh_6PkeNuimXSXjnjD5DvA
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSGkhn8PHaz31N_0OoD_5d_Tuf...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSGkhn8PHaz31N_0OoD_5d_TufHaPL8nn6ePIdoU0hP8WuSYtCXelw4r3Q5Tc1s2HkhLSST0VDh_6PkeNuimXSXjnjD5DvA&gdpr=&gdpr_consent=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:48 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSGkhn8PHaz31N_0OoD_5d_TufHaPL8nn6ePIdoU0hP8WuSYtCXelw4r3Q5Tc1s2HkhLSST0VDh_6PkeNuimXSXjnjD5DvA&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 22 Nov 2023 07:32:48 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 091C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmSGNI2n1KSBWdgKpS16OfluEKYa4JPlRmqO-0-a2SVzGdWoMEu2dENJos6L5Za1mozmSO7-GKZa_gk...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSGNI2n1KSBWdgKpS16OfluEKYa4JPlRmqO-0-a2SVzGdWoMEu2dENJos6L5Za1mozmSO7-GKZa_gkcPZv18ZeSlNpLMOFD55Q
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

23ms
21ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 091C 0
12 B 33ms
32ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXRb5Q4hbR93Q2SS1hCDULBDhCAasiEuktqLYYTqCEaoW5iYGMUIRhdRRrhvyaZlM7iY7qDg

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 5706 49 B
498 B 26ms
24ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: tVqaHDWkVqq6Cs8uUtxh4Um9ekQaOiLUR09sMvY0VB593MhTHDLLaw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 278ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: cfd294c6-661b-be73-9205-2426fac92399

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5706 133 B
569 B 287ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 1ae68ddf97e49d9de0d00a97709fb1c4be42ffbdb02bcf15c44b47c1010f3e9e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=87d5d0014bca01f5730e8b61bf07ec5d1e3550ca1587e67824e456b569a9e3d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 19c5727a96123aa1840ffc0794051084855b354e038e41f4b25222913acc7077
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: cbab6780-13a9-695e-967c-d760173e08d4
Content-Length: 133
x-amz-id-2: Cx/rSYFAU19J1DuMiYIX8O+FtKr0t15KiNz4GfCKlgd/vRdaxovP+ouybl3ynKV6u5iIqDoC9nRrtK/c5IwMNyAgvC+tsAsC
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 7D56 0
0 45ms
43ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:48 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 269ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e1ce2511-3258-0f41-bc19-95f1ae8a92ab

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 5706 208 KB
61 KB 24ms
23ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 10:48:36 GMT
x-amz-cf-pop: FRA60-P5
age: 74653
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: JaWwIV499qN5B-ouf_y2hPjwq1Tr6QvXsf4LTkDbUoSzDPAZoSX5oQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5706 133 B
569 B 317ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: ad489d0eb4ec4fbd72195f8e366894fe44f7a6ccba0b5a05f87cff5dc9b3575c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a16d60820f3ffc933adfc57e0666685dcae88bb04e104599b92f35092bce2b1a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f8e1ecf86236f40c8bddf42282228b07dbd832b7781170532621f9f3e946b08e
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e2fd0a00-2d6d-9335-bf2a-bae0b8f4d0f2
Content-Length: 133
x-amz-id-2: dREc0hOq8/khwT48dqicPnLZyvIwEvkQfupm/pl9ODE2+ajnzF4z88Pz/rVtvj7ZY29Pxi/1b7E1kDOS0asPzvSponIh/07W
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame F6E5 49 B
497 B 25ms
24ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: GUi9_6_OvJmZi-ajMpge_CnPRe10kB8jETk7Qv99wbma07W05vaIpg==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 254ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: da956538-14ad-5a64-8742-d5d850423fa2

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame F6E5 133 B
569 B 343ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 450693474694c84145ceee9ff8aa588aa61866a2bb4f8dcbc2fa9a60f55d9dba

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7d00703f2f8b4adf49e763e43ea12b5d61fb8122a8cb4f03603e56054f4bbb38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c637e866601357e60b968fcd60c351767460d83d145a663b46d6b7e326f98874
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: ff632b05-2298-f56d-a2b4-9be5be4a6887
Content-Length: 133
x-amz-id-2: UIy3tQuYV1fuAPoognfRoe15z1T/BxAqpus1OyPqdB9l9GITfRAylvIzEjyh5+8Vlf5TnlUeDYg1o9tKNqFlO5iPewmucp3i
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 5A64 0
0 43ms
43ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:48 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 300ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f69a4dee-2d6e-7b33-ab4d-fd0eb8f738f4

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame F6E5 208 KB
64 KB 23ms
22ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 12:12:59 GMT
x-amz-cf-pop: FRA60-P5
age: 76427
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: O_gj8UUE0up-5o9M3MeZQZcyuA2HfOC7QGzlg3G6O52htXWNPH5yiQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame F6E5 133 B
569 B 284ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 2819a6ca8f1a380b778754b1580589ee2a3775be935abcfd16a3185c47f62469

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b724481e1cc3885032d435448324f2a6df605daf9bfb543f1768fa78aeb55b3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 67a2bb474d50db93b46fd5299451b931925f8f441719b0b0c838587a185b3e9a
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: db8d55b2-2f6b-00a9-865a-e552b3b99d43
Content-Length: 133
x-amz-id-2: H/gn6Nghe5V7pbv9/u1kIeyt3UqgmzCPc5sqNnq4GtJRqzvXxmxFFKHxcxHatAsWJ9a/Q2MQOGJnFot5POgX5ClC7cenaPgC
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 4FF7 49 B
498 B 24ms
23ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: WYtAHWnkY2jA3Iz4Irl7i38HgKjjbIPF77nEFQILjt2UaUCoplEBpw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 275ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f8c0badc-27d3-27af-a517-0a3c633c4269

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4FF7 133 B
569 B 244ms
122ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: cd522b9d94e3ecb4c468f9221e5b3564d43eb3bc492aae80ebce602c31345e03

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9751b654af97e2deed38a4e1bdecec8230151134e755ae880de9a406e065eab5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0acfa4a8adfbd3b004798373c1a5876a0817f6d651a8ee5e2fecca75eea95755
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: fc772c5f-f084-0641-a1a0-9cbfb46b6387
Content-Length: 133
x-amz-id-2: sgR2s+6QAG/D7YVbxydzD1cQKRrcA5P7RYYB83U/tBNLugv1r8BUUhrWdukUrkmtk9LMtKiRqpjFIHKaK3CBA+xckSdnr6Z6
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 27EE 0
0 44ms
43ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:48 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 290ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e152e8eb-4f69-2f8b-bc85-580b4bfe4e01

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 4FF7 208 KB
64 KB 30ms
29ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 12:12:59 GMT
x-amz-cf-pop: FRA60-P5
age: 76427
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: 4yIAColp0-QN9eg7RTUmsb4lWzBGMSqhgg-Rm-9P26z5JenC_0tiOw==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4FF7 133 B
569 B 239ms
117ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: b0c5317963e4cf14e1b75ed3a218377301448f39eb0115d085071c6e27db37a7

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f393e9cf501d34113ca96efcf87ea47b313e0846def6b260c8754ff41efa72f9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: de6110c52466893aaedb8f699f9b6d604bd2f3eac905e57e23b77bdc74d02661
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: ef75fa07-5994-3c3b-b2a2-4ae75d035db1
Content-Length: 133
x-amz-id-2: 0CkWD+yIPssmpktxlyhaDRLWV6YWsgEYgtXpBmWcIrTUoz8u/KbM9CosoUREZgIcTrPp5PUETiDJ032TqLJbtdEzJtMsAWwZ
Content-Type: application/x-amz-json-1.1

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 151F 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 452660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 01:48:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D43E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRG4rGwAQCbjCGVaN1VwFowWNXAULpNvwCF6Q8H4Cklx8yCyom7uYrnGG1KZY1pExa1FC8IbhjgYadlvkXl82X1...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRG4rGwAQCbjCGVaN1VwFowWNXAULpNvwCF6Q8H4Cklx8yCyom7uYrnGG1KZY1pExa1FC8IbhjgYadlvkXl82X1FWQNUzBp&google_hm=3DpI-skNR3qWj3MHlipBMA==

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRG4rGwAQCbjCGVaN1VwFowWNXAULpNvwCF6Q8H4Cklx8yCyom7uYrnGG1KZY1pExa1FC8IbhjgYadlvkXl82X1FWQNUzBp&google_hm=3DpI-skNR3qWj3MHlipBMA==

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRG4rGwAQCbjCGVaN1VwFowWNXAULpNvwCF6Q8H4Cklx8yCyom7uYrnGG1KZY1pExa1FC8IbhjgYadlvkXl82X1FWQNUzBp&google_hm=3DpI-skNR3qWj3MHlipBMA==
date: Wed, 22 Nov 2023 07:32:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D43E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmT_ryrnqRj1u2L49VVNjYyxjZR9zWTlA1SIr-DpkMrahDNG1H2W-rU52OEP22Z0LZVAgFHakVPHyCPpB8nFS...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT_ryrnqRj1u2L49VVNjYyxjZR9zWTlA1SIr-DpkMrahDNG1H2W-rU52OEP22Z0LZVAgFHakVPHyCPpB8nFSB4ZMxiIf5ib&google_hm=HspkpGZHXCEtjKfnQregqtlM

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT_ryrnqRj1u2L49VVNjYyxjZR9zWTlA1SIr-DpkMrahDNG1H2W-rU52OEP22Z0LZVAgFHakVPHyCPpB8nFSB4ZMxiIf5ib&google_hm=HspkpGZHXCEtjKfnQregqtlM

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 07:32:48 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT_ryrnqRj1u2L49VVNjYyxjZR9zWTlA1SIr-DpkMrahDNG1H2W-rU52OEP22Z0LZVAgFHakVPHyCPpB8nFSB4ZMxiIf5ib&google_hm=HspkpGZHXCEtjKfnQregqtlM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D43E
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPwGwY0Jy-cgKyqZIEHMWg0&google_cver=1&google_push=AXcoOmROhGvILF_LFAMjP6g3OwXQaKn1GL8jfPsZsNeL_AZN53mvP0r4lC8JaTnhTPQTdOPoSLfQ02Y_x3K8KZ4uvxDu17q48ZXR
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmROhGvILF_LFAMjP6g3OwXQaKn1GL8jfPsZsNeL_AZN53mvP0r4lC8JaTnhTPQTdOPoSLfQ02Y_x3K8KZ4uvxDu17q48ZXR&google_hm=M0ZTcjEzM3Z2UTMxbGx6...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmROhGvILF_LFAMjP6g3OwXQaKn1GL8jfPsZsNeL_AZN53mvP0r4lC8JaTnhTPQTdOPoSLfQ02Y_x3K8KZ4uvxDu17q48ZXR&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmROhGvILF_LFAMjP6g3OwXQaKn1GL8jfPsZsNeL_AZN53mvP0r4lC8JaTnhTPQTdOPoSLfQ02Y_x3K8KZ4uvxDu17q48ZXR&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D43E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.targeting.unrulymedia.com/csync/RX-aed4d127-19e6-4301-9d16-4d3596549d75-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQtEbmUVoQHftPpawIEU...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQtEbmUVoQHftPpawIEUlU9NX61bVCEyFAsideLSo8pimbYPU_gGoRhmOHvm_aG7-Nk7rRRRUjDn5UlMOhCJk5Lv6ayI5Or&google_hm=A67U0ScZ5kMBnRZNNZZUnXU

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQtEbmUVoQHftPpawIEUlU9NX61bVCEyFAsideLSo8pimbYPU_gGoRhmOHvm_aG7-Nk7rRRRUjDn5UlMOhCJk5Lv6ayI5Or&google_hm=A67U0ScZ5kMBnRZNNZZUnXU

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQtEbmUVoQHftPpawIEUlU9NX61bVCEyFAsideLSo8pimbYPU_gGoRhmOHvm_aG7-Nk7rRRRUjDn5UlMOhCJk5Lv6ayI5Or&google_hm=A67U0ScZ5kMBnRZNNZZUnXU
date: Wed, 22 Nov 2023 07:32:48 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXaed4d12719e643019d164d3596549d75003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D43E
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmTf5OhLfSRQlwyFuvsFNP-cIwGZPgHrOdT1UmMtD6dnCPSDmPq5YQrfb_D5-e7JVdTOFsHZ8mEam9xXPgdFHNeTTJpqA40S
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTf5OhLfSRQlwyFuvsFNP-cIwG...

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTf5OhLfSRQlwyFuvsFNP-cIwGZPgHrOdT1UmMtD6dnCPSDmPq5YQrfb_D5-e7JVdTOFsHZ8mEam9xXPgdFHNeTTJpqA40S&gdpr=&gdpr_consent=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:48 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTf5OhLfSRQlwyFuvsFNP-cIwGZPgHrOdT1UmMtD6dnCPSDmPq5YQrfb_D5-e7JVdTOFsHZ8mEam9xXPgdFHNeTTJpqA40S&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 22 Nov 2023 07:32:48 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame D43E 0
34 B 30ms
22ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJV0QaIrqnT32gmclS1ruxc&google_cver=1&google_push=AXcoOmSL2tcV4l9bM_CdMwnVk9np55EPT4r-hCMOtmpXtciGUX1vWBIGJjqZjebixY2BFa7IdAOkYPOoAR0TKhwVfAfmCSmynOWEBq8
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame D43E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmRqJfTZOLAzBu0FeOA8fheoOiolmS2tZolZTDpPoloL2irgvs6mziB-LwIiZKlsFwoBW4czjoMZC_Z...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRqJfTZOLAzBu0FeOA8fheoOiolmS2tZolZTDpPoloL2irgvs6mziB-LwIiZKlsFwoBW4czjoMZC_Zkh1jIieqh8l5FaElyEFU
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

22ms
22ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D43E 0
12 B 34ms
29ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBRylFd93uu78wibtqt8d1lQU2JlYHr6B6NcjKC0mH62qyjXJm_H2lBnyLx1gK_JxEaxuy1qw

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmSuF2mv5_tgPiDwAAJYbzTIXDGqi-TPsYDbrLgXChHhZ-FfOM1pbW7rONSDXsahUAqz_yE9t2xYCyO79i3jf2Tw...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=37d6431b-d07e-46a5-9fc0-2fcb99e34bf8&ssp=google&expires=30&user_group=5&bsw_param=dc3a48fa-c90d-477a-968f-7307962a4130
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSuF2mv5_tgPiDwAAJYbzTIXDGqi-TPsYDbrLgXChHhZ-FfOM1pbW7rONSDXsahUAqz_yE9t2xYCyO79i3jf2Tw8CDmQELCGQ&google_hm=3DpI-skNR3qWj3MHlipBMA==

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSuF2mv5_tgPiDwAAJYbzTIXDGqi-TPsYDbrLgXChHhZ-FfOM1pbW7rONSDXsahUAqz_yE9t2xYCyO79i3jf2Tw8CDmQELCGQ&google_hm=3DpI-skNR3qWj3MHlipBMA==

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSuF2mv5_tgPiDwAAJYbzTIXDGqi-TPsYDbrLgXChHhZ-FfOM1pbW7rONSDXsahUAqz_yE9t2xYCyO79i3jf2Tw8CDmQELCGQ&google_hm=3DpI-skNR3qWj3MHlipBMA==
date: Wed, 22 Nov 2023 07:32:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQKvc...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQKvcNyMCeKWZMK4cX8tx1S8PmfN5aUl5NdQ9MFbl3rF1hsU8X0OigTRMnPMA-7XQ9n23B1yszvnqPU...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQKvcNyMCeKWZMK4cX8tx1S8PmfN5aUl5NdQ9MFbl3rF1hsU8X0OigTRMnPMA-7XQ9n23B1yszvnqPUuZ5h9725D9NzKtIRQA

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:47 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQKvcNyMCeKWZMK4cX8tx1S8PmfN5aUl5NdQ9MFbl3rF1hsU8X0OigTRMnPMA-7XQ9n23B1yszvnqPUuZ5h9725D9NzKtIRQA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 903494
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_cver=1&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh7...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh7...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh73Y8vVb32mH-fyhbRw&google_hm=azJSdXdZSWw5d3ZPOW...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh73Y8vVb32mH-fyhbRw&google_hm=azJSdXdZSWw5d3ZPOWZ2eDNhWG4=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:48 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQx0lGRdGlSSsJTeEI6Q3CY_Iwn9Bq6zDpPd4b6FreKY2zegEtcZ6gb5TOTKVRVRmFEsSNNvuijkdDh73Y8vVb32mH-fyhbRw&google_hm=azJSdXdZSWw5d3ZPOWZ2eDNhWG4=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT3Zqg6YbEQiXFxmTgVhr81mFKLfcQmuFBmM-dkeSvGBiUECwruXJAc_DCjbX0aKmO6oPqBkUo4im...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT3Zqg6YbEQiXFxmTgVhr81mFKLfcQmuFBmM-dkeSvGBiUECwruXJAc_DCjbX0aKmO6oPqBkUo4impgXet5_vx8cac8GRhONQ&google_hm=dd351fb4-19db-4585-...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT3Zqg6YbEQiXFxmTgVhr81mFKLfcQmuFBmM-dkeSvGBiUECwruXJAc_DCjbX0aKmO6oPqBkUo4impgXet5_vx8cac8GRhONQ&google_hm=dd351fb4-19db-4585-b2cd-76af2ce8d523

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-40
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT3Zqg6YbEQiXFxmTgVhr81mFKLfcQmuFBmM-dkeSvGBiUECwruXJAc_DCjbX0aKmO6oPqBkUo4impgXet5_vx8cac8GRhONQ&google_hm=dd351fb4-19db-4585-b2cd-76af2ce8d523
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmTTJotLVy9AxhNrEOtaMUj1k1dbjAuAs6xnkv4qX3S5Ub0g551CfagiCCz1aRWSfY-MR5_Yr428wkJbYSJOWhmz85fkWe...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTTJotLVy9AxhNrEOtaMUj1k1dbjAuAs6xnkv4qX3S5Ub0g551C...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTTJotLVy9AxhNrEOtaMUj1k1dbjAuAs6xnkv4qX3S5Ub0g551CfagiCCz1aRWSfY-MR5_Yr428wkJbYSJOWhmz85fkWeMI5Q

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmTTJotLVy9AxhNrEOtaMUj1k1dbjAuAs6xnkv4qX3S5Ub0g551CfagiCCz1aRWSfY-MR5_Yr428wkJbYSJOWhmz85fkWeMI5Q
date: Wed, 22 Nov 2023 07:32:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F31C
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmSufjDb_gDFgP3YrFiPnPht3UYaVxJyonRxz3rHXYveVIsvafGMRZWT9Na5-q0DWh-8_9zBjWG3zPvp2x5uGd9XURteJ...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSufjDb_gDFgP3YrFiPnPht3UY...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSufjDb_gDFgP3YrFiPnPht3UYaVxJyonRxz3rHXYveVIsvafGMRZWT9Na5-q0DWh-8_9zBjWG3zPvp2x5uGd9XURteJkqkvA&gdpr=&gdpr_consent=

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:48 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&mn_hm=MzQzNjM5OTY4NzI1MTcxOTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmSufjDb_gDFgP3YrFiPnPht3UYaVxJyonRxz3rHXYveVIsvafGMRZWT9Na5-q0DWh-8_9zBjWG3zPvp2x5uGd9XURteJkqkvA&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 22 Nov 2023 07:32:48 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame F31C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEM9Ft7LE6Mv8dJSsZU1OA0s&google_cver=1&google_push=AXcoOmRXM4qO6TbxhBF0IualAkjOHqihTVbMHEmIRNJOG3aV0u4DobK0_QfHMJBjsXemmwBjAB8vZGSZYSf...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRXM4qO6TbxhBF0IualAkjOHqihTVbMHEmIRNJOG3aV0u4DobK0_QfHMJBjsXemmwBjAB8vZGSZYSfnj0q6FnGBR1WtegJ35Pw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

22ms
22ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F31C 0
12 B 32ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXis5vToTUuZI3XPVZh1sl0L6Ldg6RTyszCE0yk7YwcDxbUHXpO-bOKSaegjfnmhzCl_OxSw

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame C2B8 49 B
497 B 24ms
24ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: W-tRxpAfNXa9thBmtefdoxwlmpTiindDFFQwn5uprllt3RxSp0SB-Q==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 261ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: dfe26c8d-ef13-567f-8235-dc6d73c1cb95

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C2B8 133 B
569 B 177ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: f23df0bfa7d0a0342df618af970d3a96ed6385c420084934e34337ab8c0d8fb1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cf000cd307513a001a4f184c6d67a437353a8c5edb4222d068e12706a246f93b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c0a24f264f31ae8c0ca81c7126cdc5f66cce76d5264a75823ace70791995be99
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: f88a471a-97b9-fb5d-a55d-f7fa932e9ad7
Content-Length: 133
x-amz-id-2: UhPZ3bXQ+ThOXTPwyVYznnvckAuJ6UDxqJUDxjWOCScl+cARywWGIzUHHUem0FFF/SHoyAOheADZy8kc0AuTcBz9P54ZZCzS
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame D524 0
0 43ms
43ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:48 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 296ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e325bb6b-a7f8-e2c9-bef2-0b8ba36f8343

GET
H3 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame C2B8 208 KB
61 KB 23ms
22ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 10:48:36 GMT
x-amz-cf-pop: FRA60-P5
age: 74653
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: 7s9p2FVxfBlrtCioQw2B-Cnu7gJTsbuxehgu1CS5uH5Cx1SWoLIgag==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C2B8 133 B
569 B 151ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 20b8a04ea44d942781249f77efbaad21b0d7ad9c0bd4de0a0dfc0c7201dd3493

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6ff080fd12cc041b03e05159c7e41e3a980dba43b9a979964ad0b2c944ae262d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: e68e5962d5e10d3ca5bb0a595644ca4603f02f71243436bac6c2ff01ef2b0fa0
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: e384dd59-d908-78de-be53-6db94c913b19
Content-Length: 133
x-amz-id-2: G2Ohdm3CjMQXjHxYBJZ0eZRNYCJzC4tbtZPVj6lBLfv9gloRNgGL2ghLhNK40RlE1tKf+up1c0mHaMgGu1oozxu0u1Oowjrr
Content-Type: application/x-amz-json-1.1

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame D839
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOWuvJNY0359t9o9Rwx4iDs&google_cver=1

43 B
606 B

41ms
41ms

Image
image/gif

34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOWuvJNY0359t9o9Rwx4iDs&google_cver=1
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEOWuvJNY0359t9o9Rwx4iDs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sync
ads.yieldmo.com/v000/ Frame D839
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=1912969244
https://sync.1rx.io/usersync/turn/9109471186860667620?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-aed4d127-19e6-4301-9d16-4d3596549d75-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-aed4d127-19e6-4301-9d16-4d3596549d...
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-aed4d127-19e6-4301-9d16-4d3596549d75-003

0
0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame D839
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan
https://ads.yieldmo.com/v000/sync?userid=2975953166841500249&pn_id=an

43 B
598 B

42ms
42ms

Image
image/gif

34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=2975953166841500249&pn_id=an
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
an-x-request-uuid: afd46a30-2dc6-4a43-9139-68c2f18ad21f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.yieldmo.com/v000/sync?userid=2975953166841500249&pn_id=an
x-proxy-origin: 176.10.106.5; 176.10.106.5; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET sync
ups.analytics.yahoo.com/ups/58529/ Frame D839 0
0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame D839 43 B
855 B 50ms
46ms Image
image/gif 54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3FSr133vvQ31llzYFQnr

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K45NBBRJTR3FTRBKZ2XA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D839 0
0

GET

pixel
cm.g.doubleclick.net/ Frame D839
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTMwREU5QkEtRUJFQS00RjJGLUIzMjktQjAzODJEQkMwMzQx&gdpr=-1&gdpr_consent=

0
0

GET rtset
bh.contextweb.com/bh/ Frame D839 0
0

GET

check
pixel.tapad.com/idsync/ex/receive/ Frame D839
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FSr133vvQ31llzYFQnr
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FSr133vvQ31llzYFQnr

0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D839 170 B
188 B 35ms
32ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D839 70 B
148 B 45ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FSr133vvQ31llzYFQnr
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame D839
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=8b5e5047-1d29-4616-9c70-1a5f39e07c4a

43 B
613 B

43ms
41ms

Image
image/gif

34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=8b5e5047-1d29-4616-9c70-1a5f39e07c4a
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=8b5e5047-1d29-4616-9c70-1a5f39e07c4a
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 729650
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET current
yieldmo-match.dotomi.com/match/bounce/ Frame D839 0
0

GET sync
sync.srv.stackadapt.com/ Frame D839 0
0

GET

sync
sync-openx.ads.yieldmo.com/ Frame D839
Redirect Chain

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=d4a85ddd-3d8c-0218-3c78-d2330a7c1e34

0
0

GET cookiesync
bttrack.com/pixel/ Frame D839 0
0

GET

sync
u.ipw.metadsp.co.uk/ Frame D839
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldmo
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=${BSW_USER_UD}&bsw_param=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame D839 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame D839 0
0

GET 397286.gif
idsync.rlcdn.com/ Frame D839 0
0

GET psync
xsync.iqzone.com/ Frame D839 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame D839 0
0

GET 26980
stags.bluekai.com/site/ Frame D839 0
0

GET g.pixel
aa.agkn.com/adscores/ Frame D839 0
0

GET cksync.php
contextual.media.net/ Frame D839 0
0

GET /
b1sync.zemanta.com/usersync/yieldmo/ Frame D839 0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D839 170 B
188 B 31ms
30ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0ZTcjEzM3Z2UTMxbGx6WUZRbnI=

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sync
sync-adform.ads.yieldmo.com/ Frame D839
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=254002728751764508

0
0

GET sync
ssbsync.smartadserver.com/api/ Frame D839 0
0

GET /
csync.loopme.me/ Frame D839 0
0

GET sync
rtb.mfadsrvr.com/ Frame D839 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
22 KB 384ms
384ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=1859386693985719&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D8ea307d0f66648de%3AT%3D1700638365%3ART%3D1700638365%3AS%3DALNI_MY4XfW2sO3sqoiOMvKEDK52gZ1Yug&gpic=UID%3D00000cd6c9b2db67%3AT%3D1700638365%3ART%3D1700638365%3AS%3DALNI_MbBmeqV2kl7IMmFuFEmRWJxFsI7fg&abxe=1&dt=1700638368419&lmt=1700638368&adxs=1140&adys=464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQwOTQyNGRjMGVmNmFlZWVjNTllOGRkOTBhYzFlMzIyNDZiMGIwODY2ZGRmOWI2MzE0MjEyYmIwMzU5ZTdiMGEY07LIr78xSAASOwoKcHViY2lkLm9yZxIkY2I1ZTZmYWQtMmUzNS00NmNjLTg2MTQtMTE0NjE2NDJiZDM0GP6hyK-_MUgAEh0KDmVzcC5jcml0ZW8uY29tGPieyK-_MUgAUgIIZBKuAQoIcnRiaG91c2USmAFydGhyUkJKaFNnQ0hDcDh3U1FNem9GUXBNQlhGS21CYys1NmRaQWR2SVNvem8zZDh4elhDcUpEWkhNYldhSytGZEdOaENUZjZwSU5WY0RKOExqZEpPOUQrTFRUaG40ZWE4ekVQT3VvOEUxSGFNQy9oVEhKZE9Bb3ZXcUFaWlFyNXNIYzFPTElKUEZGVFVRTWwvV3dIL1E9PRjKtsivvzFIABIUCgVvcGVueBjWscivvzFIAFICCG8SGQoKdWlkYXBpLmNvbRj4nsivvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJOwyK-_MUgAUgIIag..&dlt=1700638360670&idt=1869&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=663577002&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

199e2d50eea1c6d696ce542e1afe173150db34ec9714fb5060ac14cbfc23cb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23006
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: c3b4bae8-b741-24e2-9e63-0a0822d86725

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 118ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 550c3b3ce95d602480fa09c8dccfcbba3b1c5aace700ea5c84b869b5e8cfa45f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=99490679e0f81ccd788abde7f530383e87f24de2254d4d2b8e18915cd4c4f377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 6bd30db260ec6f582576739f046a0b01061c7d2bf5cdc984370afa4f981a3265
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:48 GMT
x-amzn-RequestId: cb3d8c72-cb4a-a780-96ea-3c925ed3e447
Content-Length: 133
x-amz-id-2: sx34DkE0fJ+6tMGF/kp1s3MRK4N2Mgp8RZ4KN74oDazeMHGy+IVnbSG88N0YQG7iMj2bTTMGdjVHRdPpM7ixR9WgjzUzsNIO
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 6E3A 0
467 B 44ms
43ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=5206241578790453939&plid=2521236318193655889&pvid=3412321018581324120&fmtid=52&e=16&rep_meta=_3aTv21hvbrUUcP6Lpzv1Pbwcj5UuT0GObj0pYazrOmo74N07AP58yOXZES83sh6The4sEcQcKRnWuK1s7bklHtxwOT_e7zxD0mNNmfeUXK39QhZD2zPuu9bcd_v4X3ALpVpAiLG2hrr-PnaOzWyOhYumj2FDbRk_lW_k3vesPLQfVGZDIAlehfuY4CHmGr35FmDExmJt4pKrFnMl3tWucKfqTQ84OSqnJaKlN57LiyYXNBgENxgIqJxyGQRj_8OJrMrGKr1WAL90ApqtPJnnnDcfAYUysZosFjy703nnAP4kMq8jRTQ8kVwHOLilU_Zi_JFAnQgBKX0Db8RWduCZbpJbwwXuEjM8W-HqglpK3v_2n7go5gt2KOmZMmIxKUGRRU5Jg5-tzuGkhSy5B8yyZdw86QTqOUJPLRc1GI9iBc&offsetX=0&offsetY=0&pvt=1700638364344&stime=1700638368771&etime=1700638368772&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C30F 21 KB
8 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:48 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame C30F 42 B
440 B 123ms
61ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWeR-bICWqaAA-We8hiXzCL_BaJCGiMFzjju_jOFmt6t9WenhCpv7_xEkccTGKcnQ2flsWVgtVYfEIY9A4nim5Ak0l6A&dbm_d=AKAmf-BmyfPnZTnBH8rf3wU7RMayhSwQ7hJjTiunDhdC9XQDhu1Toq-R1zhpU59qxO-4nK7UEWijsAy4N3jxlS3oWxnbXUQ84YIuu1QeFyPjC1BiUPc7gRGEqznS9YM2mhgx3ANoBh-rLe6X_udNZlqJ8En_GTF9ov4obtx53dzp2rqOia5MiUxg-ojgl-StMc5LquLkjQu0uV1iFZw-WHRy3qfiZ9jF5e5EpXebCgobP37adgTrzRgskxXAdbLf63-JlvxxLmlqSs651K-0NqzDkaZbTAw3DRCMb9a1_X9Y4fSANGUoyEDCx4nFJP2t0SPb9jKEMWAK7jMqQROX1WLzg3sOwsAs6t6lFCf_W0D7l20lUCuZCqw2xPYlHBS8b--KvUtPDzet7guXDtn_L3q26shc7Kt8iRoTTh0SYtopLUBFye7Irrb1T61AKA-DDeLJA9UIMSWXRdfTVNi2xu978Ewm8ZarOipBuXyKDuzLQeubDWua8rJbFAv_DUgqDq79ML_exuDvW4tc0iLVpzPSdE2XkuMRQxPe3LZ_vlY4XRzCmN0Xb_WcpNOytqBORpdnWyxc0hjD_DxgsGjHi-xBcfQ0kI_W07uThfn2ODO-ghQPr5eVfTvVlMyOJZiCiqkRk-jJi3dtseigQd66mh-s4mr_z9t9-cB_lq6TIecdHlqqeHgC5mPjKePMoZhjbVJS-vpPMFT4bu59qmHRKZVgZQGf89YezTS7cYCViExR3us4rZWgNFsUYamTsPP9RHygRey6pYSBpg9XIH39GG5_frA7Nes7uYtzhjOZ0h0o4NwDoYU7QmSh55JlL1rIFmNz5r1ZgkoV7AR7Q0RzrtZRPrQ4lOBpG-eeRmerbQrIH2VlvPs_m8GiLkfTiSrDYZ7-_WWLYJYcwpFgd24pEKV0or1NNTMi1jkglmIXpWXI9ce1GCEP3lSbfhQ458CMGP2MIx_Iu0PLeGNRGP7-U7m5ya_YfBjQN9EMQmtW8bhPhwYEekfF6gMcccCs6niETpRDVkqO4Q4tlRY_ZRm8qXAfFgtqfLG9WQ0GharEaGscJMsG3IH4jjhoV2sxFGit6jx2ADzP65tXTCEIrzdtbN_XSVMqdVsw_-znlz1CpheSSsHDurp8YiYAKMQM3gPh0WzQqBLlbUv662wSShYdzN_ObBG6ReFTuPTdp4qW3wwOELv3i6QcSAmdNGJK3A9dTvZlyWACfgf3gsRGpab9wllSQ_S4sy4h89_ox24v1vudMQ6oF61HMikcaBwkVBJJy6Vn4WvafVuc22qhvC7Njd3Q-RJjB4iOR9-y2OVk2gkjsf-ptn-0WIzOQUW91jxuNLuJ2GxIEyhvUNbMNiA1Zk5t_iyJnie6zEWiIMyqoHRnO-wx1ooUHNqhCBZCb3_5srqo42M8oAq5j61_xQGeDnuQ1WeTX9mOAPvrBk_ffbxYwyDrcEMTDrrMqGBA4ksgPwuQp2CD5pUCFRgT5ZSgOd_UnLVM2YSEGQPKUAqWLmW3La1f3WBw1-ZTTogMGVJF9i42SYKFXF7G9ZyARb-sInvObt5qfey9b-H-vKdv8uAQug6KMVANP5h9zr70a3wjdWWu9AOBeH05BJjw0rbvxtRmnKN57sKZAY4XZO38Tky0vAjClc76CHNakicoX3LnVx4eE2jN8ypyB9zTNN720Jq8Zc95akVD-WYSZ8lHS4OTYJzvzR7-EncAAGFiN8UT4zThsv5Vd1Vx0vEh7IMsHVxf1cHF9dTAe7I18h-ezlr4ECTA1mQGAKqZpbiRf4cHKCvsa0sr_2DBVuZMWjHUKrANxU_3fIgZpHyYoLwMQU9iafAH3tz_3lH8paOoj0rMC4QtzysGvjjpDknA3tvurz4ll-Nvytwv_wm0kxECG8qotrUokVhPPk4_HxxGvvhzUco9FCqPPBX25ISKUvGOtQfcIdbPWZ4SQOUOQo4m-eLOz7rkt81KvaGUFPACO1JUdZ5NDLAF9jEqu4FV52jQ-JtU3V2ETpGtJJAXM36KLI_WxaWx8TO2Ba7xsdw3LoT3Q5etthe73RuaHwH0NG8YntYqRExbqDNhDd8anvpKu1C6HptI10DRYqsDlZr6hHb9bJqUO0vQAOYS6ymrLwAb6UtYznx7mZZt-1Nl-eej-j4PyHAi-Ab0YqGtR6IpB8Py5ZG85qrTBldY57wYe413eSIwJHe-Rj1BjEy_b_puPy4fAk7k1xzmJEEpnQfRK_n6ilOLSahp20AFOB5sNWSPuYgCbFRoTgXMcTtFaYpPu1a_NeHNfk6MFn-vsp-SCxfATvY_og0bNSv3FqGh-St9tpLkqmZTMcqGWRnfFNRk1LHZflVK9uxhJ20peaEjhqSPtuUQAnceQaas&pr=67:1.763584&cid=CAQSMgDICaaN2SHD2Lkxb27KcaSB05Fxp5ot4U3k3QOwSD-UtnnpM1TT025BsL0YRG3L6bafGAE&dc_exteid=31371240670512846183155449809791896&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 6E3A 699 B
1 KB 28ms
27ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34945
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: cgOTHf7JrU1Si70MUZtWsB7od5hoToiMElM9h_FZx_wxRqGbwYrr7A==

GET
H2 200 2377972996091346984
s0.2mdn.net/simgad/ Frame 6E3A 164 KB
164 KB 83ms
22ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H2 200 9871149676746416428
s0.2mdn.net/simgad/ Frame 6E3A 2 KB
2 KB 82ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 6E3A
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=a0525f9fbd8ed8c274c8
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=a0525f9fbd8ed8c274c8

43 B
299 B

33ms
33ms

Image
image/gif

108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=a0525f9fbd8ed8c274c8
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: KBm80qQgLNXaVoW0YRuUbelk8PhV0BF2wsAWQ1fy-X7lDSLfQIrpaw==

Redirect headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=a0525f9fbd8ed8c274c8
content-length: 0
x-amz-cf-id: Vj4_Rbcb6jpI_Bi4-D-cS3UYcacZ-aqLAOFwbuxaNedY_0d2J_m1tw==

GET
DATA 200
OK truncated
/ Frame 6F97 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52529a97f90496728672f65772811c6f1b9547eaba611ccaa90b36f2927abea0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 6F97 699 B
1 KB 25ms
24ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34945
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: wpvdlLl9Awzr9clIT5sfrk1h6dEEoRCPrNzjFSeINvplDLGkQhnkug==

GET
H2 200 2377972996091346984
s0.2mdn.net/simgad/ Frame 6F97 164 KB
164 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H2 200 9871149676746416428
s0.2mdn.net/simgad/ Frame 6F97 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: f3bd692a-f3e3-d6ff-ae6a-d9cbf774b775

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6F97 133 B
569 B 121ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 013d885eda8966389a63c217309811e038a9016aca05b8d842e4f54a0da040f5

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=217760f47dbb4c1f9b80baf2857ceaec321fff8b28bfa60d4c85895e9e8a68ab
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 67461b234d9de7087e7f9615fb416ed4189a1efe0cdc973da6597fa6865de2d8
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073248Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: c1441036-9d8f-d292-9c93-a0d79918b318
Content-Length: 133
x-amz-id-2: h6PDc2T1X4aCJEVu015gKLLShw14coXvdnGQwv36u6Z05k0IZZXohsOAVnB40BAmLk75l0SoQLOX0bTVb4rTAfrK1txGcBgi
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 6F97 0
467 B 43ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=8451174701058021595&plid=2521236318193655889&pvid=3412321030056924521&fmtid=52&e=16&rep_meta=nnvbVSBf0xiPLz1TuRLkf27s5bJXTdpWzyFmV6JnBNoHq8_km_ubAPzSq9m4OHlK4scwZqljRBksIUIemSRsRZC5rqea5aday20mpHECfsiYIvcOw0-ouGH0JeW4Il9wORabWr55nRSIV9YkrARdqMe2cxQg3n6lJ2kPDPsRCg6T89tHtt-GrK3BLOLwT96tTpPxVDg7UofOBY0vxgiDQoCZ7WPG0gMy2KXrdqdFxGvzkGcQnIqeY_ATG0N5aIpTnZ6mgZup6qVCUNI5K3vIPXaSpH4YGcDLArDxcK6dVLeSQQ4pYiw4GN_9Ss5JCYfU5OEUk-vYlEaN1ZtKfBcZmBeVfElOJWtnkmyt8PMLV1jjBDaJDZ_vDcOc1HyKDFutb-jIxubu-FhFecqdiVuxP2kzzNLAdfGcTHYqPSpPHoM&offsetX=0&offsetY=0&pvt=1700638365712&stime=1700638368958&etime=1700638368958&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 84DF 21 KB
8 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:48 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 84DF 42 B
107 B 51ms
50ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BERizzfQWjVhw75a_Ko-n8CoDJYoI7KdwIVG1KZ3EqI03uvTNs8HajGGNOe6kkXA6dQhouOroVcKbyyTP9IVaqfz_ORQ&dbm_d=AKAmf-BScgoDu2LXNe1UrA_2XsW0qCzeKlQ1VKt2PIIAX0Dmngd4aahTVqQrcAYGeXOzsVkBBgiBQsEDmJofxraJOJGcbsyMDqZMI2eRswIC4km3GWQcokkIrYBDMw5YTxxLPrNZIUYvV2OSiaFcspitRcWp9dKoO0VZ_Sj-JWcfyzjQ5KTAikpsQhYBY_x8EPRjHYn-SUYvrfsW8JuqQlV1Ians0H2MafMASx1a5gIq7eIwpRX4ivMex8XLYlb8A9u4fGkDQTbQ8cM7JYUbZk9gXgtQbbUZ8iLNIydfmbnJoSbySdwdIUHgNEhQP-Kndbqv9n9nDP9sxFYjlmGV3Q9crN-HbH5jy9rnCt6pMFIY5_b5CjgKZmUbymw-GEQx0-HBOWLDcjQq-OWKFxyA5gTKRWbyWDKmtFIUz93vKP_akyQAtTq7NPGylps3_GSJ46R-zKMbEaOMxSdgNv7z2zr8KjIaVM6eYHS-F4gImYbWT26-Dm0KdYDo_HeqWAPqThAhJjeIFrKmgQhCHeSCCA8YoxqnfdzrOv6y0VZvYkTauNKIj-eMRH7aLifDs-lw913oPfN5cKlvubYRInfqGIhoUvLXL8fSzSnsnbrTuYKX1kNC8JcLf0XFjFv_Bmsd33d06du5-V0-KB0YCOm4FLOcpnBU98nNRvegxqP0E5FhNEKzv87pqPAdA6latvIaYx4pqFsg_dwpxDughSTdree_MiXaKsaZbDO-_FGw9v6VRtIRKNxgwE4johYQgeEzk7Xf1OB-ksP-zimxDvc5c-R48xHgtX3sP8W8e335EpDFA8xXjsQk8H54plV2Wdte6AysvEewsL1WG_E5Ymqz-lCOaIt67GUL81HYotlkNVMYDfUG6CPbH5eY-8FKpOmLv-oKtjg0gDqg1CivLKjJSiDHky6cgeEb-zBaQSOD5UF3J96zxSIhC6ITHUOjQDOW1eEhD62pmCfDiO0sBd8125CO8qKW_KV7um3OBeFvyXf9C8qcXhHKw8WpJN_vzWdWQjmgvX5zgr2obW82MbfiixV2RXr8iMxN8VDact9lvElwUHiddPSI0NvKNLEA2jJcVA2CPFo6cl9yo6GMxORBBIi7X-QoQiB-ryz260zFkDzsqvRpa1B9c1xSJUd1cVOycC8aylG69GvSwB-Wi04g8O2cvYpo8Gflh8_8smCFMWFjxf6v5tZjn0PYNrhsvXD3HBRSVhWgKzcKKj0C2iDvq3XntlyL8Du2AUx5B3-Gy1q6U6769tYACpLnPbM3dy-0RCANjtnu1n2koof_LMSi1cJl97kNF1A0gEL2G3BaQHUNfaly5A3KzKpTGkiLRLw3SXIylQ12CkOwb5nCVxDNwPWWau90bMPg_1Epm46bqgnPWLU_LyPbJc8ovwtbOc1ANHWZRANpCwINCDbTUpWUkWthNIh3b5ALkK5fVwwRgQrCZrhkN1jKQBVyMNGu7YTCfMhAs8W0RAvJ5XZXy8jiLlzCz0nLP77CaTkiDboCKbL8AFaT5tKJe-8NA9ruPCGXgF8ysqEeOVzTPrzqbtWdnqeGAGA1a53ROvIQWx9Mj-alNqkY9jFcT-5y504epAjkl47lTrXe2ymIND3oVs5seoLYjzKD1EKaHMkwau0x4RekJ7tdEPEMIOOKtYWP1ydmZODKFA8QHgC2hkc28dfKhMEABtNYeqDvardSQVXpVMARgjijMGwWPWU53t__ez2YpWJMmtG7WTwrKLeI7K-fJSMuJqw064Kd4PcpYslp6yCHIQvRss24zwcrSJwo04l9o1hhuSUtHnYBBSjU_N5wFhcRnyADBAWp6Qa3mkeAapghnXZl5k8FwNsacaKmbXTvT294snU1ZwqyU4CUQvg3qCqxvRDlqbsBmqAmUzLSf2SZeSl-njGDjVk4vWR3y1W_JqhJT-ueZei4gP-OHP1nt-g2fN-gQr0t0sLBv1ejyld1OKIDp8PUnci_sZu-GXSQeRhAbJevcwTahngJ9LPYpLF8RJbyvhwxeg0mXmn2a4BUy3NJK8CeCFr73KkQEhQ7-cHpk_mJOd-udBzBGkwlMYBSWFLTu6xMwQugD4xlGHvFLDJVBU-iK0vtE6JOZ_LvrRT9xRZSf4tCNJSqFx0RAgFFL8UdmOWIJzYPJBxT1mu7iGtCEmFSxbUPFVvms3kxwM5yp8iO9f6dbnvHGVbYxtV8jP6vYeXOt2zV7AmXJKv1auPV4UmFijx68oFfpC6_S4UatX-EDlRfmCB8kec5IgkX2JgcRy_0jG65-FtJKWPtJo0Bdc6rFCVCz6drTxiT4ZEg4QZHWtQLuFUoiF8zI25rblDG_t8o3Ks_Jrv9L9CmgUkzu-x17ug&pr=67:1.763584&cid=CAQSMgDICaaNZ3lpL4IHyHRerfKMdUkt7Fhm0REpprzBje6sULhIgToZ1uAoqG_lyIbYUjtSGAE&dc_exteid=31371240695154357277487752517878607&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6F97 43 B
394 B 24ms
23ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=ffff5e979319dbe6b2d1
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: zJWD60oVB1NAoHJfgeCflaHUn9WXCRJeU5PK7p73SV9q2lAqDlILuA==

GET
DATA 200
OK truncated
/ Frame 2533 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 064f931f0f077b50d9f416898e9ec573ea23c64c8c391cbbe9b65d6c0b6ec65d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 2533 699 B
1 KB 24ms
24ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34946
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: PMWBtdhkxqXpUF_PMxsqIcZFUnE5v-oImz_J29-gzE3KK41XJFCCxg==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame 2533 164 KB
164 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame 2533 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: d4f19a9a-af22-60f6-8926-2a7b3abb2331

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 2533 133 B
569 B 118ms
117ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 6657edd372823e68a53c23ab49e04d0e474c61c3720a08ffb7be90d97e04b9e1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=199b7a6e5815ab9afefdc371e7daf4373deb9f45408de5213a3273f42b6f8b4d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 383ee617601c99c9685fb6d6b692d31edb4df1dfefad5c5f6c9f140360e7e6aa
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073249Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: f5a58f72-6d22-3638-a872-3f93f8bb75ff
Content-Length: 133
x-amz-id-2: 8cgyGmXtJQrAht9ZRskXYSWgvBZbGK9yE7W2Tm7Wv4xqSY1UK7d/SB45rOKdXPLYuacuiASwT4Zhy3wYFcs0ejWAD+2sgpfA
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 2533 0
467 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=6049309070596610198&plid=2521236318193655889&pvid=3412321029763324371&fmtid=52&e=16&rep_meta=riZygIQmxpA05SAjT6qei8jrf8_6T7gNlTwpPdMCJCMFghMYGaWAHa9DM4M5fUAFX8jc0r4cLyxAHm-5C9huR7t-09L1Att8gEdimuXPdtXnTvb6fzx07yCHN6_x1nGPKzajhe_6b05eKseFgju5dM8sXZOEMnfmbeVGXhJKPZCZoatiXAT7HboeXKA_6T9D_9PHPf6-CkqFbTLw-CW3HqMJWk4QmF6npq5Us7YUaXu8_Eum9OT9hUu-iiksx3EJFfKgC33eLI12Cx-_aCF9I5hC6I-9onoH6pAGBKdDF5VE2hplc0bV8P-qCTM0SzYPrBKES_aKQzXo9rUTZKebgOlI1uiZ1W0UWRSIDjH1dinixiRatrCX-urEYl-gPk9nirMFZh6xjrw82O3QVFXaaRMzD3mf3UXkMKhhdqQtR-k&offsetX=0&offsetY=0&pvt=1700638365677&stime=1700638369103&etime=1700638369103&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2138 21 KB
8 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:49 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 2138 42 B
63 B 97ms
97ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKfiuFd_AB5Cg0QRuWEnToZG-mqDWCB2EIT-lQWcl_z8xKW2nkvK6_FGKYslXyo9dxNuUWK7Ai4Ucb9x-6htKPqqgf6g&dbm_d=AKAmf-ClD4BY_Gx0U7Yj3ve6rgim8AKCOnAyWRdvrpviMbhRQSU3691CSJm_m2_aeazHAKhiOZ2y0RhqMgPUguK0BMLAUmTYkXD6xCmBobpXSHPMd9NBuN2xAk5LrvpQ0bEx6dd0z8NyKiYQ-1J5EccJ-p7Ar2hFBak9Er1yLjo-17-5zco_qeTsMJfiQdUBUuPiy9GSeaF1z5z6y9B1-Q-0tE0n_VflE-PQyu4XIwwHjfx7GF_mEGA6fOT-KPxIOzUh8riRtezZ2yQYJO8d-xixaxOYh2z33lDsN0bP-tkkP8IPDcrTAFhFIPAqJPDh96n3bMgsG3nzIE-iLUraVj53pBpJ_dWla-uixdk3XNLz6d85EKw1JW-za8sKjyiO0pnAP-XYoC1QXB6dhbVr5xZNuOGb9-H6Kj5sBwuOuqhaqd-NH6EuQgvltoWr15I0Lh95R__bcwdb3t_JcaKQQi9v1tOvbG27ecgM8MNdeocjhNnMU6yrrkIFUbFqgYjW6VBEO94pKl5K-s3z7CddbyyqWCnIqTDpsHb6dMAoxMb0ZR5VLThbDJV8AuSW_eUHdbeKOPunW_dArOSqRi9Noy_nn_LPdtway7CwSYSDihQiDwTcT17rX2C4hq-huVU5V-lqw8IJPhEtomFLBFL-tvoCrFajdh-RlnChQUifbr8E7dh0nPszl57HK6vum1KypuigpDuFiqAbU1-ITkmFL8JhR73Ty5NIe0cMMVeDSOTsU7-GZ0zh3DgjSpbMI6hMrzZ6HBvXPBTPPdqicoY0zpqM4k-eajj7VSlkN2J9DMtRa6U_NANfQPOkg-vAjbSQO7jAHwLpPO_yy3gIUMmiXRjrA3_65rad6CGaIEH2k5LmlpvI9IpBfVs8T3yn0aCOux2dF2ogIvxAq8SlxMDcHn3_3PIsC8V8GqarCYzR7qkEl0txExGCUDM65YQwPZ7IbDHGKrqFRdxqe-EbLYbFP0SnoBQ0KUnPf3IACu5PhhrzDGDXXCjllRyoLeJOhs2yv3ihqGfvTT_Lzz9Y8cYQrg1zRf98wwiMIO7MzQz1U-TvQdZBoSwdt6nCiMALqlL7CS_gHu-nr0gKgsVYXHu3fIMemKnD12uEo6EATrCOvJJ1DH9wZN-imf1_MzBR-SABV3UjxC-r9SJEQ_aOn7IeVOEtpdGFC9N7rsMy2Kesf8tvdi39Xa1ggEJweuvlCQXRt5WC6T2JUOPo5N-QRDDFJF3lBURrIiuL14ecJ5lHEKuP_Zr_LwXe6KNCot3eF5yZpdNKjhosJTYA35UyHU2uR1rR5PorVt4YpeAFysFE5DO2GXEd1CQwtOMTtedATosYzolOjSMF_LOekc4te_3428OZ1_xM-Jg0hkiCmjPJsnl4LGwAG63YoFc44xJUL-ofni1hkbM-p88-xxo4ASZR2r-c160O7v2d9PV2WwVkpVx3n_kxxDM0VzbxF9uQfzIatlz_fHsHoSDQflD7c3QuUuhprzpomeJaZWWhZ7_xipTc6PXu7MI1tZxUMbHtgAcAQj7Xj7pMMO2TTbBp04-y2WRVXAwPQJKVD2bydMHIK3ccbf1Ff1ySWYgqLHW6mTnpsdB5GrV_WicYbnox2xa1GWsh6QjIMYnvU3Kmhk1xG57jUWjPcby5g3lMYEt35nIc0zoe5MpMNe5czTs4jQYd6RXk5vrvwdBb_QaGnYfO3ZYr1tAZzev0T5xjJCE2tv6Nlq0fdV0UBqVbY-rV5y2ofFzaY7sKvDpPFooSqr7957uS25roRG1RUpc4ZuSAulrF2AORfPcM2PeiVUpArQI9ALbdLQ4Oisuq_EMctGtmjSJg-UGGkWtSCZu7jo_njJ2TiTI9aSpQUaFYsh2vVfpnRj5-zbN89APIC6wORjMIPpNpsXZREmvKcdTUrjBhsb-u1qJCMByLhUEtqI-i0CygLEurzdCDoCqv-iiRAYlxmhWbWnt_3W0gzUfjesfBTJpR6N_t27dF0oOreRIMKEEuiz5UTPDDFOJeIvudzZhF3UW9xWwy-LaL_FUP_NboU8zLB-RMRgxucNyIiFqykiOlJzSTCcKkQ5wxw_2FzbXlYsqE9msqfYnkFRA-z02PSmLfdDTNFg0y0vYRncQMOklVGzlrPH3sNrDrQ-LnItMBaAykIFFFGFmF9LYWolUF1Ju-fyFn_guqvGwIKtnO9zBTZm6FitYNikKosGXorfKCyMTQr8Q5pjfZVAZiyjwxSDe-Dhga6WKuv9q8BmvW1PSZLaMqJHazJzWdLPofJ8l6UxgdmVgY_6O1_vRAKY_P2MlQqUie_7BHjmcjzWJC2WBim0-iDfwKKufONpfSQmw5IJgjo-zAoTb8Lrc&pr=67:1.763584&cid=CAQSMgDICaaN76ZqbSuMgka10yFF_kphegL7kqPkwLZYdrhKWwwFBM3ZKA_wDE0tsWSAKR0_GAE&dc_exteid=31371240695134379786098538206210765&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 2533 43 B
394 B 26ms
26ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5f1bd0e23915b8e9382a
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: KsGPC-EEbmpQ6NIs_KWph0M2hLQAZa9cq19WISyRzzg3V6ZXrDafkQ==

GET
DATA 200
OK truncated
/ Frame 256D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ba94c52637b2c45e037b7d2a59955862ebf2da292d0729b9bfa2d45c0ab0315

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 256D 699 B
1 KB 26ms
25ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34946
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: uqG9T9h8AMDdvPKh3umWhR5dEFw4GmbtmgdNHsTjDIBO6vdA5Av_sA==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame 256D 164 KB
164 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame 256D 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: eb4c3005-7410-aa36-b69b-80e47087cbbc

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 256D 133 B
569 B 125ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 2568c4a6f6f9b752a6688472ea393b12fa06edcf0c546afa626de347b095f665

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0697db18b7b09bec0d467f8aa3438e4b5446d42b86b2b12b79a2b8cb995e788d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: fd8568d9b74702c1e27598f29b34a2f53f2f52582c58b998ceee34aeee1bd1bd
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073249Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: ffd8946b-797d-37ea-a20f-248a7dea5660
Content-Length: 133
x-amz-id-2: 2BPkCUtNNYl5InfVTst7WKib3p9ZN6vwrhGP+jS09jsEC2VSKVmBdctn49hgdcm8cFzTwt+Qbo7FeOnjY/Bn2GknzmTuc6sW
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 256D 0
467 B 49ms
49ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=807116992221032196&plid=2521236318193655889&pvid=3412321029922691702&fmtid=52&e=16&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7rMZ3Ku_JOrdOO6hleNfb3sjNvA467cMNmH-Iej2KY9-BAIfUTAHSLKdOMjYmj2Mt27cz6sFIjfPi4llyyehh6ak1YYh6H9Rm3UAUwr_p0FmGvcyEBQ5O8cFGT_jzyUOofIeyYYZTw2m89m43VtZ8zb9m-AEeHWRjb1Dyn29PSG6Jn0JIjL8Tuv_k4eOyEbNlCvk0hpPSzVhQAQFh6T3Bvfj4ih3LWpzCtIioDxslpGN-_i0ZMzynP0QJ2rGGA74RDOhQyqut8u9QfdpFfNEbORoFuGRoyNWYCZ4heW_-NDGTtrk70aTVoxFeYt0FIit7Y&offsetX=0&offsetY=0&pvt=1700638365696&stime=1700638369243&etime=1700638369243&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F593 21 KB
8 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:49 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame F593 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzX4-sJKZsSns9ctp7fLfcgMaNEXon64fTCmU2CveU6CdXA2KzWjvR3oCsgsCKytSmKHv0-CqfewGKH6nuSgJjc6QcTg&dbm_d=AKAmf-DfVlCIUwGRvjPk3RoIdRLjdl93aYGqUmbC7Z0-QjsUaDGOUi31mSJgyTGtOTSOysLUdWbdboLdO21OYaJJMZT09WvH5Zo0q79adh78oQAxU0k0nB7RbpdIP50jblNdkK4j6oEi9OgKdAphehuSscD2WwnUDnKlzl0-P6kgjb2Xe8ffIO8jtul-zgNoqyKQpxaLf82Cag-hlKYi8UtBhTBg2RQdbyU4ZvXKfnJrK3ZBpzMQ8LMrKyrb80tbnTtIEKqH7OLSsfFcMtzy-yW_x6OoFCVQYOC6IZP6Y8KJrCZTDt13Bdeo0CljMgMtuM7XF7n2O14f5ihb-xnL9LLOaaNUvj9467i9tC0s2a9mOI6Jdyb2QocLZ-8XpLCEzXEUYWn4yrLb1o9u_OFMXEljFOILpTPvAyHrD3k0sZFdwKRDlfiHe3QeeVhVc8ni_5KuWg_Bq5GJoHc6YvT5REypioh-vTA9T2qlmr3y_gdr7Uvojh6wIOno9O3pBd63radJLWUYUHlDK2X359drBFpYf0zxEA-x-SQAfA8ccpL3QdUF73P7jMv-j-zfIhsAocnKM_Wy8rx8o4-_46DGIlIr3F94gh-YR1pjl6asCrehch8doHOdipydpHYJvuh9c_kejV4bFg7geQcs0G5cAR5OWCVviqn3tbC4AFGDos_gFlDOq_31mPj-V1c9npsGxQVTYqZx3v088UXYzxg2doq6B6KS8VzRhBK_NpNZU8mMfpuX2yfeXD2biPzAry1gVkcgEFTHB64tE_K9Ty5upstBidOQPbjHsSCXJAxIQzdES-O9MeJw1Zg6liB9fo2r7R551Mnuj68emL4d8j91vgpmrmWWaTtDUxyPqnuyw1FmdvVFD8S_j-YVDvO5KdajS-pzdtXO4tYaDM7yHj-zH4kNvBVPx91fOS2Gdd7RAc4uE6aUAcQIiRbGHBSO9-m3dA9GysI7iANpKy33kO-Y5ijwBeexBYX6749kU66dWzNxIfsAb4b56ZenF6ZQCD2MOFaQM1O59c5aC1siKd5pnKIHF18OxWXGbknHC18qGy6wjVMMYgYZtqKyJNfO76db2aSahR46YkL_9fNdzfc0_Y0WxfLZ2oQpFlrQo9SsF_3YxLias8LCUcccwEz38B_igX--MC0_rQCLrDwD_v4eJW8JzHcMKIaMRu0ChAwRJeQL9Sq5Xxb2K039q99PqwvKGQ5Wg2auZ4DAcblbZgVLwOK41iBCoBBfDTlzK91s61P58UpFgGYikuun_v6dp-kLCHeRi2pglRxDv0oaDDRTK6K6W80K44MfAP317HasO40C5MRoBP2wUgBVbo_1M8yiQHn-HUNFvBxBPnopxWN5LVBweqTD5kWRI5CGYol0ARjk6CPLVOXSs4JtOmQ5xg7c8P5mkGQrfww6f0PNCKiv77s-cG9aL-BmlgZnuc-2NHM1Hl6wex4jIIjDj09tkURCxYvD0eRrLAVKYORfpeBCDgTVxk2LAWkYl_n4j3L-Ftb64DTkvIksREB8TME21MsRzw4UE03FPF5UH6UR11QHRgUhzynMnF5ega3VcBUFB1OugXdBkLLbOFSJWtHytN61FDR41P9DGxd0wfpeLFY2N0ux21Y56J7SlGwVitNfPKPRbMH1HmEEkcugULL-or141WlFMMGsiedIREjN_dVhhVPinkuUveI_dp1Y__9w7dbPl5dmqMFqRPJkT7ppRiZPgyCuub6udDP2sp80I4c5qN4nWrrDicvY8gG_6M-YCkwFgl5MPtQIARnAp7Yz-nuZMjPOtf6yErtcfFcqQUEtDE86ACsKGax25qbOa3sYlVJeXuPLn1qrju1-u0_AHOxLDxTYBC_oa0Ktwsh5B8bbMHjxOZL6jP4qApwelP-9pAJPEjoh4isQLXi2HjNyW1Di56qjbBbfjHzR0u4ebmFxz2_YvW0cWLSSfyr9I9iAM3GralNOIoiLWmlcSXzrf3gITikEQqR_75ds63IdKHVUhgVxtBxfhxrKnr7NriN36MC3NZSw6LT0UTqGF5rZ3cWkwn2n72caY-0COAbB5wjWb8aihDd2pblxlMXzlgw0QMKDwFwO1twNloTmDFc0IOfVSDlEv1aFqD0EDa4CaZcAZESQ0nrc7tSYLMVc86caxLZ2L0501bFBLMKmmkEmxn2FcFjt8Vmdr2CJXlMohbWA2pegQwsDHkL74UXExibF5qKI-MdgERJchAo-b3ECkyhliPb_VGWZoag9d_aPMHl__x8P7HYXqhCyftHGSdzjvUlT1v14QNk5kf1SZy5cGq-Dj6e0XIyQTyD7HHL9fFGfnjYkeZYNSiGZ8KBAGw9PNrPdPCUZJMQiJuw&pr=67:1.763584&cid=CAQSMgDICaaNHFr_3sVZT_S67aly-zqcSeg-8DxHFZ4vBuh4rBOcrUpig_x307qlf0jqHrTBGAE&dc_exteid=31371240695109329107754580814340416&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 256D 43 B
393 B 24ms
24ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=db1f706a48e555ea8189
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: brLigtL6crDAh7sff2-8XN4x_srjz8RSxG_nmqqivUAjfWK9jiDB0g==

GET
DATA 200
OK truncated
/ Frame E4C8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95c40285dd40680acce8f9dee923f4bec456e53c2ecfc0c8e80fe473b48bb71b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame E4C8 699 B
1 KB 24ms
24ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34946
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: kA3Y89fsoajRI2W5qul5CYBPp9CDVt1vfstV8e6jARiHU-CvCupESg==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame E4C8 164 KB
164 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame E4C8 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: ee49d398-aaae-1ae9-b39e-63793f37592e

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E4C8 133 B
569 B 119ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: fd78b671404104f6db1e72f41217d187b59095f680f78ed3ed3119e4ed721a75

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=62e99efbf187ed5ce0a5913059452fea2f32b6b09bd69878998ea58eef86f08c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f9d62fff1f8093155cf22d9209deb0ccbfbbbfce7d13256b03cba27819bc0b8e
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073249Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: eb98b565-fccc-8b7c-b64f-05846955c8bb
Content-Length: 133
x-amz-id-2: 1Vl6x7bJFoMLqN+E1xgeCWp8xIszuUvfj/4OZTpgMBDtu5M3xxAvO6Ijoi+G2ZZsshRc9Bve0r1YZFzcp46aPQL74X/lCYA3
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame E4C8 0
467 B 42ms
41ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=5821936934030058024&plid=2521236318193655889&pvid=3412321029704597280&fmtid=52&e=16&rep_meta=wp0oTkO9jiLS7M397yo0MEJ0One73RF8IRkoc_4L3V0EM3bh0jcQapDq-MlLORlpXi1TtnLwKu5mLy3_BNV1S9D1UkOc2X1kzEVPFOEYD_JUzLfubctYX2jHbyQ8WDy7kVTB6MpUBSVidgv36XMVUnZ0Sbx1Tcdh1PZGWvYUubanAsGGsV_3C4nGDdsimOWXG3eJR43hK3Iv8OOYzH7iGHKBoEIEdFSBgy8FZKycprERi-W8bjSQCMNOZXfjVcpsUPK-Fi64y1-2IYgiKiNuKzNKxg31RbsDLWZe3ifgi6Wx4pcZMmEXKaFZdzNmNkiEWKTFh1CNPOTZlsoyQ5R6mjCHmTHzKzcQPwMmT93tPRPRWUq10zwim1u0HofAEvWZVhge1D65wNdWksCMrEqipyfGE0AFyng9B7FM3O-m0SA&offsetX=0&offsetY=0&pvt=1700638365670&stime=1700638369378&etime=1700638369378&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5F8B 21 KB
8 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:49 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 5F8B 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK_oorAxGvHtjqz6NmoddVuBSDjI09NPkku4eEaKti7JdbXCIgYIB9nIvoLQV9ZJHaWG-G-jScdmXsJ238fzi16Or2bg&dbm_d=AKAmf-B5SkiWvGeOS-misT2v7JY1UOhIkUJ0szMrkn4EycDX_J8Op0HXbE0dEgz4P0IO5QafHjPoPPTkvCgF4QSAjjdM0PkesvUCZ7gkypD7F3SKOt0F5ZaxvQFfXleSBWvMvC3SjqAaJVvt4GhPQ_ANOvi50O8_xmA21MT9FesBfNlutq1QdGySvw6IuGbZAjhWzvMCyJQwPcDTJJCOAFSdw_qZnNb10AEVPXw49t5d9vc2n1j7WRh3PKun0fIIWcIr61x_ODR5lN7ACObgflzZ7wfieoZ1Wh06KtbUnxk6ZwnVcG5nsvoN7eNZmQn-blYEkYYFhJg8j7JQ50dnitXrAXYwqJ8KQlzwbXDsJX9L8Gmi3aURgQyp0qdzRmXkitILfeY-UW-Bj7Zo_hXjT_yWHK5zfT11uGqo3CDc2ZYs2CSJrvzvf4zJg-AAhVgkSoRi5XUpJEfzsRnh1hIceF1dyIPvWMmOwGvYws06ZoV1ONTJYkyI_2r4HN-gfSlUwueXKULfXXb37ZHA4lCzQSEa2rb77a25qzFZtoVMy0opSrKQN3S6LGX3SM5v3XhsdFf7mnxuKmgh7pQkMUQhwd6sq4eiSQc3SuZ03WrsUove2buaKhfK7G8gt_P6hTDDniZPPm3-YFHrTBOsLjT_UBDxG79NkyTjALpt5O6iVsz4XUuhOWNqH3az11-QVkLH6_7lp1Dj3vH2J-i6-rDE6Cek2nyvdCWeoC_TsqZI08-tHfIMN2XYhsfvpnH7aSlrgCVijyDQseJ1NNS_XyTdASB0NX8zPmB22cW2FXRrnsL7so5PgltLe1gmIVnnwUKJnTBzGpzKl5JXaiNI1RH6m5U6XWCBmOn2q1xOj40V6M4iO5oxlk24HiryUvf5uo7aC4QQWNjfGpgLHjw0UUgbHcjoxIz5-GQDAu_rCwjuhoO9t3Dlt1F9nFlSS1F4h1thFL63SNxh4R3K7GjyVtrkcGJV1F9SW9a3rIGX_yCVYPJKebpyQ2bGPzqlUYNM9wbWu_J0_T_MFuCR0Sd3NPYmH-NxVUMlRxVyPhdQGzSHSOeCOqL8cMdbvff44RZm4ekEH-1c75LxjY5xGEQ3AkJFGJ95X2DM6rer-9xvVm3bJXYaiq3ENHJOLHKJrhAnLjyD_hqjcjDgR3lbT5apQkG5wZxGLm7EMKA0igDlQ4LLtyAINy5cob8jfrNVg1eYJDfTf6LXwVqoZGh9rFYxO0Wuolg1GD8PYElx1NIHfMmacE0H1SarniOy36yVWVi2tb72zRkZHNiIrXCS02gooOmEuaoivzuH7yYNgczZDXIR4t2IXBmpe3SDdjCnG8o_OluToDZG1cZ6MEjvdY4fFDZiJNJv2KdoI2nLCMErrRXKZivvVuYOzJQceozZN6-gT2A-gFpDLWKr5U3GJouDl7UzKDK5MrhkuM83H2fUdpSaPuotIZA_2k5Cl4W_0Oy6C3tLRkX1iTPgm0HKSBMfYZJ6YRtFq5P33d36-H73ys6WbmMOT3EOgcwUQ4W_mOu7dQJ2CRfmEegCpUN_jHiv4pTsO54fz5GcpGxiSLXmgkYDi_Xw8JxP0KAYlWqrk1xN8GMAy0vOPwjCFkqIOFh3SUeXNHI6FeTYOZ12fu3SERe3RD5kLCLycRiDc6UNljOUyp2LXOC66oJzOlKgSkMrMagNI5FbuDyoX0EehImJ4QBaXzj1ysknhS31c_cBqI79ZvK8MPpW8NcvOYD3SoTgvGEvMN9tac_cWb2v39XP2X3Kycyy1OeGbwIj1ptLIPXNiRpyiQ53XuQR3sNorZk6dUQS29s7hoKvTbAxFnourdQ8TrFTG0vNmlnnXTJrqyw3OYQ9mKawphFJKEB1KwybyRT5BladiEBV79AfLAJnevxw0zt-2HDtXq8v8V1bxdaN4r2dfhVDvs5auLkVqIO8Gr0VnimGZRQ-RnNbK_pqVnLXTTDF9RRF9qGwNHPUnSFDw3YjnYPC4P3zUfwysG7SwD7AEJgvSfbKAMBowvnLW6njHW9GDVKZMcIukqwAQQWEuwfJKSqc1-KdwRJ4_pSEDLoWZOtEAV0nYA-PPoUQkBQF7-lpvmNlpFfqQUL1qzd2eXOTcwM8D4LYmbKC3kzFWf1zS1EJV2vC-zq6_j_6wls6io3Y1Y5wNS2GesOUfQz4x8RcI0qwrA3-Vv1ornYhHueHGU-Owq5XPLW5dYl_vOKQpKvHLsGLTdHzLytjwv6vQEvBcBy6eo4Me0PvfEv7ZUCFeialQo0EVkyg0xdrfCksRDZ9dJPBvmjuTuqg_3rO443wksRXdWEzXTwsAHiZGdP-AJrWYzd9arYTLw&pr=67:1.763584&cid=CAQSMgDICaaNSfPfB2uVTUdj_ayh0F-5NB_nXlXbKsRYuT_67ea01hid3sTVN-2xoU6SNMkrGAE&dc_exteid=31371240694840061779409350936759739&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame E4C8 43 B
394 B 25ms
25ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=c39cc9c4e5eedc3b9878
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: dnErCIWcflCUFu_oIxgGy86UH4HdCEBS7IDtkoML81_DGAKAfGsgIQ==

GET
DATA 200
OK truncated
/ Frame 5706 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31c191651d39bb217303b26d43756d5b1a33c7b1caeed6c00bf4b84e18684bd1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 5706 699 B
1 KB 25ms
24ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34946
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: PEeuuLkg49pMQQiKkfkKIE2_wTxWVMkn7wnrowKfmvIEzKr5uf8uKg==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame 5706 164 KB
164 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame 5706 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: e2db4686-aff3-81c6-bf0c-f667ab64e04c

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5706 133 B
569 B 116ms
116ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 2e5639a5d8e9448d505cce0e874beb30aa14cb392ed1ff0d16b16eff7647894b

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=301a9bf6e52ff63939cccb2ea6694614e76278461d828e8edc080bff3d7330b1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 6b6f104f0fc5abb8825841b74367e43cd60f1d9b7a2c7fd49de54fd04287ace1
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073249Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: ee6e4d61-98b2-6ba9-b3b9-fd809c250a23
Content-Length: 133
x-amz-id-2: SsuMdvz3xkUsoHkvnSM/Hzl9L20QcUKVfkN0rloiqmXA9lO+55lxH8TfPr8qe+X+V2cdbDIw4Oqfwpciic1ZBRAd3tf4nPCP
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 5706 0
467 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=4594336479232666576&plid=2521236318193655889&pvid=3412321029872369502&fmtid=52&e=16&rep_meta=wp0oTkO9jiLS7M397yo0MEJ0One73RF8IRkoc_4L3V0EM3bh0jcQapDq-MlLORlpXi1TtnLwKu5mLy3_BNV1S9D1UkOc2X1kzEVPFOEYD_JUzLfubctYX2jHbyQ8WDy7kVTB6MpUBSVidgv36XMVUnZ0Sbx1Tcdh1PZGWvYUubanAsGGsV_3C4nGDdsimOWX4SghGtqJKIrdSX7WRXwpDBkUT2fOwsrRiRNkYDFr2XkDomVY2Nxnna6N68yi85kl0JJC0-qXXFEgTukrvoP9iIYmZdrcJmTDTeSnZeLzr9unSgyygfTClyDg9ZGMjf-rKqMfNspMDwNhWeHqPP-ab_iauG94W-Hklck7NOCEbR_mJHiAmdhD1Bmk581wAX3Q7SXnxC_9cV2V6sTu2a-4MysA0RNNUFeTy2oRludeokk&offsetX=0&offsetY=0&pvt=1700638365690&stime=1700638369505&etime=1700638369506&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4C0C 21 KB
8 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:49 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 4C0C 42 B
63 B 59ms
59ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCEIzl_ye6q8RpfjElF2NzQ-lquODAwgCTOW9l8A7dZUJK5rZFXtdwBTEdDsNZGi1w3qL0q9p71X9q1E79TV479Pwtiw&dbm_d=AKAmf-A4Gqv_2rfhmEWuieiIf5D3TGH_lfiOXrBMlkSvwrssl6aeGizN6mMjDxEmFJFLzBsRIkUu6LrdJoZwb1Di7T-jifcHzIrRdj9yucMHV8K39LnLuIZF4JNSOoXPqCcWYAKik4AkbL55ouDzaQxR8I-6DSR-Smm5dVOGJeAko28emnDyub43__JKmlhP4P_jmOsutWSYwbKruq7szGXl2Wo_0mQ_8GnkvFLg8RebfwE2V2jBJjSy-qSXgeJBF5EFCHq8RA5FkT6lenYa5xg880L3I0bsRp2Y6EwZckBxzulNzVY-WcuZ74DnQyr_Fk3nDXR6at2J-F5jDQoKAn33QHSODrgxKfBax2M5X6d9KPstAENeCNsCbyHNVaXet-BtAp5JvXnMGzL5yCQCfN_SiPx8tI4fr92HOenAPFwO_BS-bJ20xxRHHdM-kYLBy3B6yquD3Wo-e-p1S5e0vmDS78kYZM-OREGNl0Be5436X_wxtWPGP_SANXMT2LcoXbA3c9c-jHniFLpCtHbuT6sp1-M_Nvz8yEa88f4PuZsa7z6tzScc8R3cdTQ35t2jCcXIedtRcXgcdGXY1rztfNTwCN_fpBpWDSSQAeYU5PJfCGzXjRjN_PdXdwXv2DFz9vjfQRjW42fFb6cLe-VEV2kvNSfJM5c2Gr3zFz1Za6D4-kh3mAlvWPViiss1eLQrCr1yroqO2YIrtetIXq5cYqzpLobtjn4z3lV40fBb2dP72nosRVziqHRY_yVZY9WaoHyCxYuhqXsTKNCQjuiI21zY510a-ukuJv4LXH9RMPZBdHJUKi7AzqtiQwYx8p_pfFgatc8_-BBG14G88rIZgV-eCBfHbRur_-Xxgsv5-Fj0Y2cTzOQbJs7r7AhQkbej-an4XpR5nUvx9SsBSFYzahhQN_51ogytGrxrCFS2ElnzLWy1_3kZwcYuEKfyd23DKjHA6AREOSUhk4YL1BZI8J3AM2ko3jcLLbFQKtAIE9QAlU0dGSiiZcBNPFCuAU7RiCw7jrc0k3qKD6kxT_bF88pgQEOThX8VFdu4Am2bnzrZhyvB79shfnO4uxY7z_o2XeBBFfj-HVNZ_Mw8quJPTC5d6QiJNWl-ilD5_Z3l76Urbta7jZKl7Gr-H2YdazohNI026vjW_DYeBZeRaYx4dPFGx5ybarr5jGEjSV5NA7Pvv9Gyv-d_fW1P3nVwu3mAAM8AK431HofdLPimhSnuHfsYiDkHlPG-Gc3chq1X96ezxNDqRvsEx1mDbmnDvKS48E9vWQg-9GgRBes49p_KQBC3Ioq_UlYM8zDjiKQOZdzOWImkiVt8N9KBsS9Xu7wtVJJRHxHwujxAND_jcDOc8G66j6lUN0jext0eE9RnN82jHecpD9XN1VaAwGeCnjdMpr7rbUw85yI7l5TWzveDfKi8LAgpMaeU8N-VnJYmvmGiTD4FcrEUSzYM-RypQIJX20XVGPpZ0YJwzMUASP8CmkKBOekA5FvcJsKqRS1kSFfN4wzilXmdYnuCq504kPy9Eb2KZkBx7cL8wT11iqzlryfSnwcpqK1SvA7geTyxkBKJTOCiSg3t1iy3_i5mBy44ogryZfZlCwmhA_ZT2DP5GumDIrvcz-YDKUm_XwTfSFTazkho98k3tn4bhsKbncSbTHZPAEQ1QTPxJr4HYHlzfG37mLM2O-3rwX4t32t07W_Q4qKacl_FSeJyL_FY0LXyDqxg3u3JNUvfBviKNMGAGbNTQShmWpykF2EvKhGgdTrdlutuRVt1XAUbW6sSjmHAaqlTitu5xlh30EJMXNyJ3j0wyWpkQNqNXLGbRF83l9nG6bD68t6VGfvUo1Mvz756xsj5EiaBQmGU5ndEMhZ4dkk6KuRpDpi7sP5pZOBpKdSIRBEprHM2ER_yGKhgNiRBr8dHkl1KuajzQWjbldk-njialPhsZCaA5hGUaX_vCJHX3N_hbqhPObjUIPOq-rAmwFfKdEzLPFyhIsKnhSH24b6-tAPy6JZBZLv67PTmX1hsHiiyTqSy3tCf_LolrrSYDG1IJ01xq14i-E62iAcmbImvBydthTqTd5-14c9Vy26yiQ3Q0IeBUQi3muiq90SeLI0ScgnqB5G5uisUoOCQ0-Zd__hkRofQGA_AVpFuHoRn5xRUqhNryL1giO7rF9DyXXLb7tikHGrhp1sB3NbgD5rxRkHXX0UaAVTnMcjzEmRd2B-FlWDqhDQyTEG_-1tOBUczMtZkcZV0SsqU4jFSdKpri8jt5c5FaMYdIVqTbIOGdLfP9KFLbz7cSRCRK00iE9AtZKMyUXgQq4h3RPJvwCQRQTxFoFHreyf_InZpeHZySjtao-zDTjA&pr=67:1.763584&cid=CAQSMgDICaaNk9Tq377QjUMaZZJWm894AiCfm6iZ-9yuJXUFj6ICuj4peOZtOGZFuYVB8de3GAE&dc_exteid=31371240695032424426612621469687092&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 5706 43 B
395 B 24ms
23ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=dd94cb14fd72ea875983
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: VYVIQA53NcrVJPadvI-4m59SBueUSVd0mGvDlZwuqpy4jvd0XFFUmA==

GET
DATA 200
OK truncated
/ Frame F6E5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db13da20fa0a6b43aab6e93d2dd03a0301fb7a0081fa4d745beaf39460f767ba

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame F6E5 699 B
1 KB 28ms
28ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34946
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: xHD8PyGSK3pmoZd_4SRYVj1lj1687cQ39H05qPz41JW7sWawNZUDig==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame F6E5 164 KB
164 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame F6E5 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: f5157608-862e-7ac5-a8c2-c6e913b73902

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame F6E5 133 B
569 B 118ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 2f8e874dc205f7fb50d131c372dd437a7b2f1566684c7c73b53638072a3e8f20

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ca9bf3138874845b317999af10562e28e0555286af718c660b922cc6c0f579cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: cc82e19780872c7510092a1ad72c39b338f3d74b8a2a9e9ee81fc2b19a85ed32
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073249Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: cbf56272-da54-7d86-9622-d2934fcd3e41
Content-Length: 133
x-amz-id-2: jLhJNn0D6QjFFHpaDezTeV5Qg5RYRpExEs6QByVJBZs4//6btbhKsklun00p2NmN/cuJOkywl7wPqItFY9JOI37hSZA8OD4O
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame F6E5 0
467 B 43ms
43ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=6732327714475285147&plid=2521236318193655889&pvid=3412321029788473950&fmtid=52&e=16&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7rMZ3Ku_JOrdOO6hleNfb3sjNvA467cMNmH-Iej2KY9-BAIfUTAHSLKdOMjYmj2Mt27cz6sFIjfPi4llyyehh6ahq9QQ9UxxAYFbwUDA9QKlLy-0zuzpbRO85SObJpKY-7xxyOvzA01qmNq6Phq1eM2aUrkklRQROZzIkQRW39M_KXVRWVAdE30HzCsVTQHUtprG8tsd8kS1tup15jUJFlD5GIKPhaEcsKn49NyhSuDxRdSJxiAJkftNrrYY0g_g3mPBvYrM8pyGHFbYRtKeMZmoaYLL23q3InmxDaOosYRsT0hjbmIk_k8t0vBeSrIALI&offsetX=0&offsetY=0&pvt=1700638365680&stime=1700638369636&etime=1700638369636&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B9C8 21 KB
8 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:49 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame B9C8 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6ajB77CfZpmHja6K2VPBiI7X75ar2yldoTsdHFohEDjtZleWvlxi9zrlxJvSYYHGgByYCbwkhHG3oF8Eqt-yujWDryg&dbm_d=AKAmf-CwcHtA4cZS00JB2ulMN3DkmIoDbq0Xrxj_SBPpRhOcC_h3X7TyExnQDCQhQSGKAJsIa0s-uYZayDuaGhD56D_qQh2B_Tcl7j7HQ2hCE9qk43YV3ZCkyKBs6aO46Gx7UYX3NCyXgkuCKb_JJERdTY1kHGnkzVc9jFwlbQXMoKTx2UJMCWBvBQqgnyb4IlF1QJfNKQbR16_JA9lLkS7EzVqqMEOojRsQxLOZIouGpsCVBxWWiyZSardtEoc-r8mmATRQLF1kEA464GFtV--4Yez9tsKOPFg7O5AYukG0bL5B34M1dUXvvhZkm1d2EwfSH7XIpg8DYzjNHNN_LDVf56mBFJ9jLjmFWiCzOtHiMMUCU56Xkr47yI2p2QWZ-3LWdqv3WFQgUAxbaPmg21JE_k--nwGrL0eXDf0AGngEzgvWdHjcegdNsGASdU67d1ilfv_RikKxaUHqNPltJv2zL2QrgnFfDkxgHggKEGBul-ueGkZZpmCAMYX5SigWptb2ZHvyXH1tee-ylCglL2R4FM2hp9lY6SZgmN9xLvcX1jqjmApFP1XjzDEeLryU_oBE66BpbnwfPk-2DfPDCiR5CSmUVP4IhLYizfNJKJfuwre0feJxXY79lboxgueD6jhsffoHitc5BB_Lp1QYxhujNBsCJAomoaZ3LV-WKbBSSxuqSZKcgkfMgM1P99hLty-c-O86lCFvgzcEa0YAT5pcn9zvA7ezQNpVgWR2NSl1gGIflufA6FlvG5onYmcHCAdrAA4CTH2DVZImM4eJE2Rb_IfQpaZxddZsZEf7LEoDtxHf3EOH2_a4cWfRi4bSk--xvtgXlUHF6kX-L222KlGOM_gpn2TxgWXLd91jb9MeKPwHr8NQjtp6vRN8t6vGrtUtsy6gR3Uw3ZwuOO-6O8lx1ojcYlYRPLMCHCh5YjQ5W82ZkO-Hxdik2b_bbPqkFj37aqjklhUUDvPkwReDyy3YkuKkMFBnOc8N6dskhPFcOu1TTVKZNlrUpr5FjVXB_LmeeLdyvpYb9Ki5qwGD5TLGQwUDIHkFMxVux8tV_0-oepPhM1HD-RX_MbUjELKeFqB8rfe6d-e7KsoOp5NHfdMul7ab5oW4nLXvSoVktADQ5mui7rjXs3d-ScX2m37NmqwM2ZfS3eVhEX_JP8pgB9-w5yMHH3wKJonN1JMp6q48V14Y35vtO2EAiPZngcnF_bck77XpAwZqaLRk7UFZFFLGVYiMqdfYxJng7eVGbrSEOILnwVug61b9KYkIF6mfpo27hAuS6pEz1lf20ZjEbNQLwXh-joWg0n5sd9tUpHslH7ouLMOnYQukMFfQtorqz6MdbX5f31G0FxgM99ZfVT0We8TXIFx7sMxIOuEMi7RU8g7Ff-LxsMO1dnYvU4gxR0UFZYFYPWFEi5Gv7sXDxukaqe-ZKFygVDf1n973lWPU3nsc3Hs7CDt8Y7pVVzKdet1Qydr4I6gGwUlH5d0qvi-R6PHfKKFZ6n61rgQN6_GRXwX3ki7ms1cXspYvXF5PiYlryOLk0er0YsA_L-5k-4QaXtuLaG8sO-d_Dn5cPy5ph99l20ORozuHuNZj403s_efeTictBuZ7COWNi7cHx3g2iZkljVqBb9W6V5ShtqBbPStjj-WVakxXx5MMcLoKZeZxNmgYYB3Jxq0jGPGgVncTsC9Is8yZU8N_QhPMujPVF_poiLQ8L4qptMkGkWVDGZs_ypgEb_qRSBn7AQV_NJkdzudm05S3xPkptKCQmIDYk-pKgXw3x5BTphnlYS_lTiztrkdSm6d04zCRWTS57oF9GmobN5eYQDHmtvTr2kG222ZNZxjzLzzdobjlRqYJKp7E0Suf0PG04T7B6fzYptU2PVXfQfJbXtVslk6DMXaveKlMAG-u4E1nTfoQmJG88dTchg1go5zeNzhuC9lPYZL0Wm-Ih0pjXUC_IG31Y5kVipwdsUZTdnUktC01uhGSy2vQb2847Lkyx5d01qhMosNn5kd4Q7m3sQRDzLFTBfH46rugDmH3n0PWm8Ffphfn1ZS3qhERaO0fB06MlkBxAhTjD7U02uc9_KtcptRAVRdpF4QMxvUoyMeBXCGXXwZc17Q7NEzyL63uPB-Sqle1lxYtOCAym7zxV3tnO35siOsvItc1Vd2BJu97yNFub2pTqn2AQJxKvCSc5lRkRH2JGaQQLsQHkOg8_979EbEpJPK54ljTz1IeznV2rf9aqM6Ld6NT9CaifihjwLS5P7hp3WKnVXEH_raIDJ55nuBZ60-tJNMMh8GI8go4PDTvmWGxpkNyX9QTNGZfP8rH4fnrxt4NTIQ7vm2J0KjU1mMf9dX1_rZ9Js4hgKU&pr=67:1.763584&cid=CAQSMgDICaaNcORhAzbz1EUvRSk8u_MIrcAdfDOHX13kyoYxGRZQFq18X8DHvbvC3kWUq_l6GAE&dc_exteid=31371240695024529220163301515651992&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame F6E5 43 B
395 B 24ms
24ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=e81018ddab936fc27dda
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: EDMKdOmHdzKFJ3dexwFZmtYSpXGfIqGg_Z_5_xhFIT_T32dwbd2Saw==

GET
DATA 200
OK truncated
/ Frame 4FF7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b85b4aa9ff267765d768fceee96cdb7b52f5a8c1a4799d8c09b5cd8dfef94653

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 4FF7 699 B
1 KB 24ms
24ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34946
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: ChBhumffXwMkvcvDXY-x4aN781JZn9QNdsVAWIussunlorwxy16acA==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame 4FF7 164 KB
164 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame 4FF7 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: f2b93eb8-c842-81cf-af6e-8e59ccd5e045

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4FF7 133 B
569 B 125ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: a2b9742fed50b16b24335856583333a386421f9eff041d93c63982d02eb3caf8

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b6e2a8fb28c74d344a074e297f3f53b6b6f5a4add46a5beb11fc405a29a62c0f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: a2e7573125a67711205f4b1f40dd5be6c4ea5b0f368d395e6cd4aa98d1074a6b
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073249Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:49 GMT
x-amzn-RequestId: e3bed16d-7c06-c39f-be69-618c7891a215
Content-Length: 133
x-amz-id-2: AMrKZQNNmA5egdGxp+RBu5eCDBE17eiv1jOu0yxnqq5Eg8/K2cTJlCZWrOG7eAtRguxPstIqdYce5Rhzi2PBud/GsQkFi8y2
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 4FF7 0
467 B 43ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=2222779873820325758&plid=2521236318193655889&pvid=3412321030006592412&fmtid=52&e=16&rep_meta=21lvrm9ZWBMrxS0sW5t_Nt1b9btxsaopq4kAK-aW6lXkJPGtk9lNlsl8K5KEgsjpqZ-VYeYQiYYHwgDyEVTCoCsgzSgUMmjTZExsAnKLFZH68-R44zsTRz7wZFENtQtzIUILadGlfW8hX2tz4ZkAn8i02ZXVrlqaaeEM97qgfbafIt8Ws0TguOnplLAblvZenHZWi1nb7hqfDFmrQdSvYgSQgx4XVQOGcyaj9tuI-aNajUq0Eg43UoVEjUq1CJKMaUynjNvq__wikQZ4LnJrN9Zzz-dzvy_V2-OP45vpmxq_NgEx1vz73z0PvfnFdvOH5xWM4c6YmD1CCTuheQKDU9ZhnTOe_Skfd-Epz3_RoZ3rSYdu-hDTlGMvpPQVLYMImERepzXcSMG9XXG6jYL1RGNian4FRFXzlLqUNk0cNDs&offsetX=0&offsetY=0&pvt=1700638365706&stime=1700638369784&etime=1700638369784&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9B81 21 KB
8 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:49 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 9B81 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2L6-TLUnH7B0KwgxMryxxr9zOoER3gM_494YWJxiBqW8OTG8wYULYmRWvGKkbyXo2R2Fr5LWDNK-rfQUCxqxoqv1Mvg&dbm_d=AKAmf-AnE_w3plLcZRId1-gtm8TZR69hd3tI7aTOWYp1GeV4XlBrPnYiSBgjzGOeOuB1icO9pfZBRoG8CzNcqr7DSJKvNc7jA4AvAFIcUueXnWX5Dlb46eL7dv8kq3Tco2Pg-fXUoNGuTXnnYQbZhfZKLdtEtEKQSULa-b73m850kiW7tYjox555_rApiFJv-r1l60l7zEQw79DTdNNq9dnLWuRt_MMj0HitgaeJDeEeNChoo8XzddoRtsytHj78adzX_yox4354tfR8bclj5SVIZ2zPt-Ao3fWMzPJc9kxQ2NTRKk7CVNNSyQhCmga9ZCr73GKMgowTBMbaHQizlYyBgh-pvy-jRP-J2aYLbfL1oIq5cdFBCi1W95cEe5_pkaG-_5RLy8jZzxzFlNNh9A4wIH14KTAcNtiyKpqh6LhjWZ5nEAhhnJvV1x0Pa6_b5QJPRwXMhb_qJ4gQ1HX_0XTv0mBeHYHIHOUTSK_wcX7jvzezxJg6xXzIDLR2gSzQkE2Wv8tUzhtnEX13uMcVr8wqu8EmT7ObpGmev1gMLHj3nT42BH2XcoVIyHX6bzr_jM0or6mIoMQLPp9vfD8brDGgzkoeMwTRChexj4JxJ8hhycGUcEdx4hYkJX6HCx2ABF935nifcJK1gCJy8mjc2E9vNsliWnVC8OHdnkHnkY9AiLXvMlrVdGE0anOinUqtoBIwskD4Rej4QMFR0OXTURbK0pQMPVICsMJXNDtUhGFotH2aiyxktZ30EYvkBBDJq-c3M-wJe2CpBbGknveK9PzE1FjHm5p0lHLmLdPPFr0g2ms3X8PHyJxwdbH0Mc_OR0KBoHVakaGC2w71V5j2yXtAd8JHnODS1EydGcVgOrSGQU_YyjCZXQM22BAI9hl08h14M4LyBQpXKx3UBDrjht5F4AwVKrut_b79vimE3q2cem43yXAxBZOquHnV7vwBZMoj1-BqpRoJEzSrymsRGakOsF-indRyqqm1NuBY2AqYFrAodcAnKhQw1bZ3mtuRa2yk6tFLo2ONYe6kO9G082i6NTgStdCbPZgWE4_axIaTEoOjwe5vLv_RGgIdpQv59QDTwFPDCcrPvWxMK7rcU8rO5_Xh4czrBK0pkVl-C3eIaIa0t21LQJeYImi0ss471cRC9oGBIR2Eyi7SI9gLJ9pSGkDGjsjfaD6udRARmuuQXljUM6-coRTmwMaoXmBMgRY7cJz3aetDei9q_-DFgZJ3iL3sluLNnbj6p9Go_JMdZSJfpnfGccWEUk0Y5HrC3QlnfoPNpEV1ojDkOpn7s_ZBj-Rv12dNog5i7hpeyqPhpxFV9oeVQBdNePHBkWc27q2eXj4B932fY0WBa-Nzkj3U9RQme7MKMCfpVtkQA0nsnOcnaQ5DZ63fh4EJMT8Bw2suzilqkxj3KXaGr-dWfXZ00ogt85NWKg9Qq-_gPgPA5bInyA4bLMPbTgRHaIbZX8DSN9-f_2BlW_LVlxJwZZP2sYb6055XR_989VqfORX4GGGhnvMNPzyD6D6Zxs1ZqeAnhtW6hiG0rO-lXNolyYwCDpoLYRwAq4nMDbHpQA2rEXY82N_nrImMdJZLu7DPuUMgd6yh88p6TmTyYDbFcuWVo9W8YmHSZoXS6gt3qmAsX9cgl2ZN0ZRoaHNdF3LOZxMBGqkWRPJv8YOpWRpV8WOMCwAw70fqtLwhmfFHuYIt8Wx9jTMPqpg0etq81k71PmRqtAzcnOeblbNx7cwsTX8hIRO1NnsYA8a17WDl0BxE8V54UbE89lVdckqYk6UxMyqYLZh03X8jurBsTOKHgaSo_5fCFoiM8qamUYKg48YjdCCfiEBDFB-QSuLFrDvEMIzdgW6bv-xgPYl7IoXGHrKa-OPKHqdjfs_E7U0rWKqLuqGxmqiHUyPPzn_M8TZYABlqQQUvMtEO015UEg21rajiePyuLWw8lza5gFRU62cw9_KgWBM0Ie7ETYJ3arphoYUicf4bgyDvqZJWd6-jCJVzlnnGinhKk1b8H8_b1tP76yD1pRhwAtpmhlKozeHQO9y5ukN5WS-OgBIK6zn4bJi6KA0I4GCmYsH6FDbwA1pIldsonKaO0fZnhyE8svPI8mheGEwiSv1ZyN3BQjSt1J0VWrFQKojOlmge2zLQWgrJYAFXNasunmBHYdMfKWHTPbocagLX3wqQlUJdlU35L6G49MQlGFs1wNr9dqqiZxs89kP-q10saUmsr2jYCpeRSkLT2VfhzSJrH9JyAJiD-WPgh0N9fB4O3Hr1h-CgyiQoQz-xwRNt9KXtacjRvOwrDcDKW_ttyLlJ8eZOwQCNyFD89qEsYOAOxw&pr=67:1.763584&cid=CAQSMgDICaaNJezpJNJsvvlwfqrKTq6hv4QxVO2729LSThxTnokTZSSRY5dkVun2ADlxvTzPGAE&dc_exteid=31371240695231354114723003117360261&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 4FF7 43 B
393 B 24ms
24ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=432812c551b795ae2411
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:49 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: hoy3Oh7cRgJ1jNiGutiW1taxMMR-NtlMxVMh829zKTHhR-n3cm2Hvg==

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CA2 6 KB
3 KB 23ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 16ms
16ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866375
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 501ms
501ms XHR
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1960253774774635&correlator=3064475021464512&eid=31079671%2C31079744%2C31078018%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=13&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D8ea307d0f66648de%3AT%3D1700638365%3ART%3D1700638365%3AS%3DALNI_MY4XfW2sO3sqoiOMvKEDK52gZ1Yug&gpic=UID%3D00000cd6c9b2db67%3AT%3D1700638365%3ART%3D1700638365%3AS%3DALNI_MbBmeqV2kl7IMmFuFEmRWJxFsI7fg&abxe=1&dt=1700638369850&lmt=1700638369&adxs=1140&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=381228326.1700638362&ga_sid=1700638364&ga_hid=1184345832&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQwOTQyNGRjMGVmNmFlZWVjNTllOGRkOTBhYzFlMzIyNDZiMGIwODY2ZGRmOWI2MzE0MjEyYmIwMzU5ZTdiMGEY07LIr78xSAASOwoKcHViY2lkLm9yZxIkY2I1ZTZmYWQtMmUzNS00NmNjLTg2MTQtMTE0NjE2NDJiZDM0GP6hyK-_MUgAEh0KDmVzcC5jcml0ZW8uY29tGPieyK-_MUgAUgIIZBKuAQoIcnRiaG91c2USmAFydGhyUkJKaFNnQ0hDcDh3U1FNem9GUXBNQlhGS21CYys1NmRaQWR2SVNvem8zZDh4elhDcUpEWkhNYldhSytGZEdOaENUZjZwSU5WY0RKOExqZEpPOUQrTFRUaG40ZWE4ekVQT3VvOEUxSGFNQy9oVEhKZE9Bb3ZXcUFaWlFyNXNIYzFPTElKUEZGVFVRTWwvV3dIL1E9PRjKtsivvzFIABIUCgVvcGVueBjWscivvzFIAFICCG8SGQoKdWlkYXBpLmNvbRj4nsivvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJOwyK-_MUgAUgIIag..&dlt=1700638360670&idt=1869&prev_scp=pos%3D2%26monu%3D300x250_B2%26slotNum%3D2%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D7__notchrome%26browser_hour_refresh%3Dundefined_7_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1236936962&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

768e258de254709aa8bff00184c69ff5639eb796bf61e4efa3a0bf9528de53ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23260
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C2B8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8590270dbad0ab5e49bab98f9280d69e5265658a6aeb27a00521baae9348244c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame C2B8 699 B
1 KB 26ms
25ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34947
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 9_0icB88mFRV3JFQYpo5z4LFJGEvd-NyHR-zhMMRYdvu1ieq2USTHQ==

GET
H3 200 2377972996091346984
s0.2mdn.net/simgad/ Frame C2B8 164 KB
164 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2377972996091346984

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168088
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

GET
H3 200 9871149676746416428
s0.2mdn.net/simgad/ Frame C2B8 2 KB
2 KB 28ms
27ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9871149676746416428

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 202052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Nov 2024 23:25:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: e197c7e2-15b2-cd07-bc40-7700802b8ec0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C2B8 133 B
569 B 170ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 10cfc93d2658ee387e1c219abc157474f4f3988e88364dfca82986c07f3d0c9c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0c6cc654e095e15082d8bbe0bb82a60999ff7c529bf7088a1401335fc742b122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 286d83ad49d3845bd98f554ed53bd3f155914372266bc9834e4d833b3cef35e6
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: c5b06fb8-a362-09fc-9867-df5ae78d6c3a
Content-Length: 133
x-amz-id-2: uAFd/Bd2l2gxilzO6rssOcb+5z3NHDcn1xr6f2iBoP+uuzliIiLzMzNWdaiA6/L3OZCQAdpq35aBgrTH2LJS44TP+O1XbAR5
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C2B8 0
467 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=4050710964008965180&plid=2521236318193655889&pvid=3412321029805258910&fmtid=52&e=16&rep_meta=HjpZf_oDWvfzQwKC-bDoFpJp-3PA0Nm3t6pDn0h013pjyv4mGEQtCtsxN-6IVXRV7CbMnN02fhlxrj9Awq2oxpf35KEkSxsPb5yhE4LqF_CsPEsJel3iUfJ5JEwbwDZW-dLiam0_XCRey-PHiIHrEztxNJRT0IDYFmG-ZUZjtikxrMCBXBGtbwvVPnRnptVeLk3ihdyQu6ZexCEbFBb_pBvguJWDPZ9CYDHWqKOUnMnG0V7agoCGiFXlQNOuEIDZfYAWBfFIuS0BdDiZjzykU-FD3uMup84VQ-3tjKmu1hEuhEaK2cudTyDXATZJHP68_ldUqkB73MD1xug9sTlhjblPCYpOJiylyFGr87BDlSa92KiH87Taao5nDH9S_DdGrgdQeN5G0OClh6oHGQS7lHmE_ZGx9A2PUw5j701tiQg&offsetX=0&offsetY=0&pvt=1700638365682&stime=1700638370010&etime=1700638370010&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H/1.1 200
OK analytics.js Show response
s.update.tas.yieldmo.com/2/518423/ Frame B225 6 KB
3 KB 1519ms
43ms Script
text/javascript 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3412321029805258910&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3412321029805258910&bt=programmatic&gt=ch

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-193-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

98867c4dbff449ab235d758e4a6dfdc47f8f9c4e94ddc0494e5a3b360529445f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 07:32:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2696
Expires: 0

GET
H3 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7E99 21 KB
8 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 7E99 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4_xW-c9EEF7RrpIfV7a6oB48oSiY9DZkPeD7nS91OUXCMjWdu-gRxT6HcuzsSVv-yc9uGjWd0tA0aAxL0qX8Cc_Nq5g&dbm_d=AKAmf-BM2mth-h6LyZbt9FWtTX2peaySg3y1w1tx4V7voCgamlfGdp3I_8WPRvf2QiYPObbdHQ-h8DTQL5tgyEQQgnczOzDNNmpXFI9_VPWqc6IBdPSeDDEX5GVfnB3eNpjnudF_YvunIVaodh10leBm7yGtTJJdqQfe0NeHcZETVQ2uy9rtHnV0I0-6IMgPexeySL9V4esZxX-Ux4BkyODGjuwDxA2uh6C8sgGqHll034BbOvnGpu31s_w1IyHfhGB4KRa5Jo5uDCple4tvKHtCjAPJZs5yGvtxNRz7dfSr2pFAg-djlUHvVuXUQTY201VxbvUigJZyJrOLYot7iU-kiQ8h8td1h89vl7nzslAHgVcAPY-5znX014yHk8l4CHV8N7acRVrVBg2UDsZSq5Y76O31TGrf-1f-MrB6TmGay0OxwbQt7g59KXDv45m039GrY5m8Ez282cpo7jTv_6Wi_2wa5qYyGlb0XK6-aAJIDSw-kEZAMkf8FImkx8SAWPGBRPYVWEwUQuNkFwvWwLoSjhKuCm0k3eRTNknX2ovKyH7wNgoezKPvwbJ_XV535C1VIe6p7RQ6a-LU89_6-ZGgSO3H1yrPnHhE_dY7xoWbDI9z0fgk8RnMK_-lVllYWN-xKfP4NLnrx_YCSub6SAPjKUYonymi289Qcl8HxEnQ4RFPg_-qQXX9Be3okOOeZdSbPO37peRdT1x4rnb10YS7rWjq6L-ULcYNZd47VXSh-mGHZ9B2QRBqJNexF58vybSCatbAuhjwCzC7pVfg1p690wMYQfv4zywzvRd2TxCWedU720vJopbx97Yur3cW1a_mhPAm39s70N8zDr_g6zdRQEE_e2nbx3wopps3a3Ljm-yxa8AvWQUuZXNEDnYH07ayFIbPTHmVCRzRyxcpkMn8jDJjtyv-tWWukQeyTIYiSST2qatIs6GQ895iiXQhZ3sIdr8YMi-3e0LPeE19wUyDxob99VpUxvR0VcoCrQmYwUUyft_ykyQrBK-bOKguo_fvuQXBFEFiRGtZDFHds1_fvyfio9iiKJfxhmLNLYa2IDdMGwXFRebIWBciObOZdjJVxFuNbKcMbohh1WzvwMFh-wsmvRbwjJrypEWm5bBWBtdLHkJu7lLZsjrc3c8LQuKieA6y74pX_muzBGj8kcFj8r-sj0DVf50Dl82ps4UMtkuiReP3kvZkLCw5qUxPGPBS_xxbmEkaribEjL_lll_TOlHBM6e2SqW5Lwc3greIFGaI_BoydV1XnpD2jALij2piex53v4NRmkNtg0TYZFp1fuD_k25pw8I3EkhXd234MWU8KnRJKOA8v6jpB86XhskXylkk2guz5r6o6fmycRP1k6hwUK6UQyo31auTe5w1g6J1CuneVcBRMhRRk3SSwmH0DSP2qmKzmX9Wyryqu56oS1IE15srUYt9PBBK-QrJkUR3gxrHR9FHj6J2Krv3MprLmLLoOKWiU7aQi-TfqLeAkIgFMJG9D7KvNMNYFNyvqxY_h0k9t3n5EPNfCDSYDuu2pb5CCYMvMPOOQVPD8vi0U6BYq-u4IcyM5nq193o-Dhc5ZdR3TTm4TNts4kXTnzBX0c7wX8exsywG0eafpNqlEXXJZhHrLZ6c2QjumFBr-0q9c4zMFlprsUFX6Bu_xuksFm65BZLeWL_1GMbSyMmA6IWYMkDbXSAEIz1r5ptafyDI3FDIdFh2mAKkgr2QKnU-tFuxC6FwqSBao27LZmX0lM-5qvEGnWIL4xxTM7UcbuGfSzrW7zB6im-GnEPuKLUb82QFUhRKGWyyTSqm7rNNUBpKtw5POyP9s7bwkpTnyfskcF7xWYqEDutbCs8pkRhCKUGodw99N_WQn-CEzHdYadHpvpE7tzXk0l5_fsAPBmMTfZlEVPxmk6wZ28hXuf-jojwbkYjAdbIohoRRGyWYlkdc-14wKEmM-QvMjBFZSAwxtzdzn4LzdHZF6A_M4OMm453Ssu-b2De9N89yYEPSSya143mXyE67n0bJQ5n_7lVuUmtKfx4hUqE-fPRsKPX6wrsICW0AX26jMF9mOQ_ScY7XQAoRoTHoAU5FcSY2HsH5QL9nyKV8MEqQKAA2bWckq4LUkiavCSwa0t9S3RxoOu71i_LruIkYlrDh9IN-waOgXk555GicMlAtzhgMxg_ukSQOlwx7jLN5Pmlp_cyFamIf2mKyeez23Nsdbi-dFTo0sswdzqc4zG4-3-Yd_1VPIXdZe_3wdW7IaaKLz7hEhnhSxY-2Ln3iKBzu8EL-pbXHVgw2eHxVFXkWVwZdBrU8u05cLxnWgsUpsMEfMVoDoSaGV_KXVw&pr=67:1.763584&cid=CAQSMgDICaaN60NBpoIatFHvH1Szt9ymitLO6nr1oejSnbV5qQoNHn1MVvoQxpTwb3v4Ji57GAE&dc_exteid=31371240694982618090153200494866545&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame C2B8 43 B
393 B 24ms
24ms Image
image/gif 108.138.7.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=a2bbdd018bf06a7ee577
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-10.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: EBId_-mGfuCFvufJa0756vFm3AW0t_8m6eh3kz2oYDBIorUHT3RReA==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: de20030f-d053-2718-83f7-b3edd4c44692

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 164ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: d50661fff894e10589786abd64c14ae41fec6a7c9941b8b249a24edd6188c4eb

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e890fd479d341fdf267be1b57960fa71a2aba15d411fb625a2d8a43dd248628b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 25a21335d58a2e4e9ee6e5cb5133b255f79de1222d1d68f2f41a6003bb6c51a4
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: f0e9888d-a6a9-b43c-ad3e-386f3a7b29d6
Content-Length: 133
x-amz-id-2: nyDkLB/TlvEClj/elNSkjfht9cx/G3E38zQ9XW3Pr6hQzg/HvPAIwcxpCBTvUOD1ppGAts2ROx0xwUO9Dyj6kEkwnIOsDQ/s
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 6E3A 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1278&fver=5.9.26-F36-46-52-54-59-B491&imp=5206241578790453939&plid=2521236318193655889&pvid=3412321018581324120&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638364344&stime=1700638370046&etime=1700638370046&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: d4c738ef-5489-192b-8910-880d501e78a1

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6F97 133 B
569 B 190ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: c92b46bd89f59a0381152c84bf1524ab70cfefb2bcd09ad35750e870f972a529

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=3ddf02f3f097f69573ac4222917a2e8d4a08b209a9feed47c82f2df4054791f2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 7bc84725a8f0face5f97b0e82f0ff66cfd349ef8a62e69bfc203017db4e408b2
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: ccf79510-5c6b-a2e0-9120-25f2c9f2e127
Content-Length: 133
x-amz-id-2: 4PH4IhKz2NojQM0ooiF1ExyiKi+FO9KMTMl400JPdccmPfEDbF5m5yxvOjZ0ZvShLcKHVa5TL/ZRN6qJdFZBzWHd+b+eaV0V
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 6F97 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1104&fver=5.9.26-F36-46-52-54-59-B491&imp=8451174701058021595&plid=2521236318193655889&pvid=3412321030056924521&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365712&stime=1700638370060&etime=1700638370060&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: e41ff4d9-27c6-456c-b9c8-443b632920aa

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 2533 133 B
569 B 213ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 464b756f2057463749d04fd4aa6b323baa694f4ea800d7c7d084caa71fe6cc88

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f6a488fddcbd2497bf63aa9a145530001df94bc3bc4f70580e440cadef47815a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 42297faf58c30d894189c9ab2ca028925e4f73daa59d75d2a36a1c652002a825
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: c6226d83-b125-a64d-9bf5-dd61b5b2c7c7
Content-Length: 133
x-amz-id-2: NjzU22JNcQ4ckxAsZZYQUxO+JVKLV/3bDjaa+MSeg63nNeFP3T+HB2jFeHJzmY9OOkYSnksVwHxU/yvbgLtbPdQorS5lJgG1
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 2533 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=964&fver=5.9.26-F36-46-52-54-59-B491&imp=6049309070596610198&plid=2521236318193655889&pvid=3412321029763324371&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365677&stime=1700638370065&etime=1700638370065&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 112ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: cdb895fe-1749-2027-906f-251c8b9bbdcd

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 256D 133 B
569 B 212ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: cdf467d3463fd819bc21d8e8079d2c45e19a0a5eb7e8ef71f943244c283dfe18

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=96f4fa276c91a7967727adaac102e040c7b9398b4382f348f968502eddf48ef7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2eed1d852ad980a0cce69236591f4640ac870ad7dff4eb3a401089e62829da2b
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: f9a4852f-d516-0c66-a473-35cdd1816dec
Content-Length: 133
x-amz-id-2: MUdwdf55U63ZZwiy2U3gVQpMYCKculEXEaaUts7BUqjdHWP5UyccBxsuRAe6k9QIFKat3kTf+nEAthfcjPqkZalcEUKXUbUa
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 256D 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=839&fver=5.9.26-F36-46-52-54-59-B491&imp=807116992221032196&plid=2521236318193655889&pvid=3412321029922691702&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365696&stime=1700638370080&etime=1700638370080&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 112ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: cef8c07d-0765-c9ec-932f-709f9bb75406

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E4C8 133 B
569 B 220ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 1103674b5182811a62327c01d21cfc2ed96f58eff30ece5c6901e5a00f6ef4ce

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b5a0bbc5f0442c645fa0568739627d3f4e64811beb0d9e5fffdddd865dc35685
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 3458dbfce14ddc6b69a917a2513cfcf352d071de063e6ec1f9d966b5bbd64633
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: ca888075-dd5b-bb95-975f-309799b4de53
Content-Length: 133
x-amz-id-2: EUCW3BGG8MaNOY9nwYSsyEyD7juL3eyPoqcxPCCQNFkogHFsSKg6ljJXolkxgrAX5B3Cx0V7jb6WmIo3IPyDXiJBhhu9NYZv
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame E4C8 0
339 B 43ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=713&fver=5.9.26-F36-46-52-54-59-B491&imp=5821936934030058024&plid=2521236318193655889&pvid=3412321029704597280&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365670&stime=1700638370089&etime=1700638370089&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 145ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: dc0fa4cd-4822-2a83-81d8-142fddbb6944

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5706 133 B
569 B 186ms
117ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 3b0c76b541232b9b6f58db707800bacffd44e2f166236bc42b96613677def7a0

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=399eaa76a6c5ec64eb68e564e43f1c815da817b2dcbebfd57cbd55227ae334e2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: e0e852d71c7da179291e4988e9f94a25d9a694dd9286e5e27e9d92bbf3f5fbd8
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: c04dd651-1474-9e35-9d9a-66b388a603df
Content-Length: 133
x-amz-id-2: 7ll/xevZbPOTrZmulymjkKjArAiVTAQG9x1C/PIR3OEC2EQUJ90Jk7qXB5n+JlYa62JFV4XUpdLgv7GA75lglIjmLR5JJIhr
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 5706 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=592&fver=5.9.26-F36-46-52-54-59-B491&imp=4594336479232666576&plid=2521236318193655889&pvid=3412321029872369502&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365690&stime=1700638370096&etime=1700638370097&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 168ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: ea60f628-fd63-e524-b7b7-46caf9f484ae

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame F6E5 133 B
569 B 170ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: f58931d59bc21fdf982606d989220a1ae1a45c65b51e4d9f0b6d5c502d04710c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=954391b292084335486bf8df37f3b794b69f5e013aa265343f88766e32272442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 8592ac8fa83bad55b9c9d4d866ad25ddf3f59953a7d20145d65c27912afa7b7a
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: e89df06b-edb3-519b-b54a-40897161cc71
Content-Length: 133
x-amz-id-2: WcPzIHSL6GpQxc5AhEIaAqsqX9asH/ck422aBuRbc1K5EptFK7EaCm7LFXcArqwv7dumu07rantOrtJldhqYUtlikIhGutlM
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame F6E5 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=470&fver=5.9.26-F36-46-52-54-59-B491&imp=6732327714475285147&plid=2521236318193655889&pvid=3412321029788473950&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365680&stime=1700638370104&etime=1700638370104&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 177ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: fce40cdb-4e2b-4a7d-a133-bc394abc2bf7

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 4FF7 133 B
569 B 201ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: c80e9f7f33090322ae4f531186ffd6f6ff1e5739167c0577d58ef6d833f9a6ee

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=483ce45517ef5e63cba5d793939ea4dfa07cdd5c26363228051d2da28ebfa4a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: ccaa243fbbdf285c6109ddb2f95102616f654791cfeeb9faeb8ac591673ba00e
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: f1021c66-7fda-3e97-acd5-ac84ea437d50
Content-Length: 133
x-amz-id-2: qON8VrzLlDw6cAjrHvZESX58dKd+7P8j/zd3HZ83V1Kglx1B7o+K8YE3Gg5G7T788ZFf6DIgk+a1+DyoiaMvJ1/QctYJSvOa
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 4FF7 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=326&fver=5.9.26-F36-46-52-54-59-B491&imp=2222779873820325758&plid=2521236318193655889&pvid=3412321030006592412&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365706&stime=1700638370109&etime=1700638370109&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 174ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: c5301275-3271-c5bf-98e7-a297aea35855

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C2B8 133 B
569 B 216ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: fcf9b6dabd71f6ed32615c64054f36fad3ae7b81586ebcc8661d8ed49f4cc791

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=25b42c8296038a68bde0e28627f6f644efdab780ea6f78d9c0513a2377d7fe5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 1618c94b5b9b5d9cbf8999dd56ab3f304d5c20c56d4984d22ca391fd3b946f8a
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: c90b2cb2-710a-0f00-94dc-9c50759d6e8a
Content-Length: 133
x-amz-id-2: ZzK9lFvrA9KkpPkEaabsyyN9P9/2CJtcT+qJG5LfXGJLk44/4CF/PNdF0Zc/mWi9Re3brNKsDHqWYRPl8holLDiL4CbkVodH
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C2B8 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=126&fver=5.9.26-F36-46-52-54-59-B491&imp=4050710964008965180&plid=2521236318193655889&pvid=3412321029805258910&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700638365682&stime=1700638370133&etime=1700638370133&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C30F 13 KB
10 KB 131ms
86ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1443a4ec910a1cb604121681627164fcbe3a37f50c1aa6f79f9b846b38844f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10345
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 84DF 13 KB
10 KB 107ms
66ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d35f3eb70fa204cfe4c501ab29ac841d65d26ae2d070716f3fa436a5deeec050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10208
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2138 13 KB
10 KB 119ms
80ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a53622feebce4ae80bfbc6a9f1b08ba21bf6e57beb368fc67309e6da5698ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10212
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F593 13 KB
10 KB 109ms
72ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe4cd73d994b8ccb8848df4047351ced52b5083e7b3eaa21486c3a8829ed4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10213
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5F8B 13 KB
10 KB 157ms
120ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da349fc5e90eda9fc4d41a02fd4152fc657825a488be965e7d60ddab6de05018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10393
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4C0C 13 KB
10 KB 152ms
117ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86af77627c4b7dbeb1f510e2dd19123fe873b4ab57799626761f6febaec28e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10379
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9C8 13 KB
10 KB 110ms
76ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a617d7585a2cabd9c7e5ea1688892790b3b08a999e9fa30ff6c0bbeefee0a3ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10321
x-xss-protection: 0

GET
H3 200 ym.1.js Show response
static.yieldmo.com/ Frame 0CA2 471 KB
123 KB 25ms
24ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 17:14:28 GMT
x-amz-cf-pop: FRA60-P5
age: 51503
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: wu8L7xfiYopwsCPn33I2F5czegk6hBb3djPMjjqxGuHwnTuNfy9_5A==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CA2 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6453 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CA2 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 0CA2 43 B
492 B 43ms
41ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321053989616942&pvt=1700638368565&plid=2521236318193655889&imp=2047727536129101633&rep_meta=wp0oTkO9jiLS7M397yo0MF75pm1bwmpWvBn_DvDVsCOpoVy0Iqsi5kPaopyRUdSvP4DJOlnTU5UV_z5uX5fyq15f-Ix7-O6NfgKDdjY_6SIYIHzkCj_Bqmo9jcot2720ae-CbShjUHDdnCGE92FxVCPC_U3afoYxUNf6YZ71TZhdKWHYsBebywQDM3lEhgYhbRjoioDteUvWQTFJZu1glbtxBbBcFPLDWrWvxhUEz5wvEN3BKLnqAulerAAIr1nqdjWQAca38m_v9bnYPlNdoFZ6Uxi7haCvVfkWal0uW6biVxwnAZP4xTnYMRI3tXjiHA9B9zYLx6ZKz1k0WAKl6jQsl1kedRu_SBPGn49_XxN91GOkBzUTVRUdpryPFIujVwuiaWlwzxiQCwiuAfUYJdE_QVCCktyYXgAJk4yVg_E
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0CA2 0
0 30ms
29ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYib7BC5gTXP0YDDXMUoBYPjhJY_OBknug6ztDykxUkocFx7OzSHRyNE76LuWrxHbMJxnKVgTQzxWU4yeIRgTJIZZxVQ
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0CA2 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0CA2 146 KB
0 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 0CA2 68 B
243 B 42ms
41ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6MzAweDI1MA==&v=5&s=v31hfqv4adh&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkY18xXzFfYWQifX0%3D&cb=6763643&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJjbyI6NDg5NTA2NjMwMSwidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjZ9
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9B81 13 KB
10 KB 73ms
73ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27040dc2a6fbf853d7a18bee9494a88aae83cfcaa8125defaea64ea4d1071910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10367
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7E99 13 KB
10 KB 66ms
65ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

532b5eca9f1abfff095c2367688b0b2ef6a3a507b84261dabfe9c63ccf0f1a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10237
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 84DF 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F593 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9C8 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2138 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C30F 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET i.match
a.tribalfusion.com/ Frame 6453 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6453
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRIewqoDW-C04eNdwGpgwVhKJOLZLBu7bVLY06XwzppKsbh5XiKWHQ6LV_2NPCx0FF-hDf-EEnHwtEe7lwpNI7q...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRIewqoDW-C04eNdwGpgwVhKJOLZLBu7bVLY06XwzppKsbh5XiKWHQ6LV_2NPCx0FF-hDf-EEnHwtEe7lwpNI7qnhAcLtST&google_hm=3DpI-skNR3qWj3MHlipBMA==

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6453
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmRdhxwGG8dOZJo9ZknViaAeNW-65bHfH0UMPLMSux8eEDMJlPZaFtd3o24VKjPttFqZJ06AJ009...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmRdhxwGG8dOZJo9ZknViaAeNW-65bHfH0UMPLMSux8eEDMJlPZaFtd3o24VKjPttFqZJ06AJ009...

0
0

GET /
b1sync.zemanta.com/usersync/googleadx/ Frame 6453 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 6453
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmQkn9VlDbcQZevrHIoXx0_TI-yjsE4nfbczSaEg3YPGE1A3sNP6DirdSbO65kCWRZQbaBNERP6J98I1RaB2Q...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQkn9VlDbcQZevrHIoXx0_TI-yjsE4nfbczSaEg3YPGE1A3sNP6DirdSbO65kCWRZQbaBNERP6J98I1RaB2Qij--ZneEi2fdw&google_hm=HspkpGZHXCEtjKfnQreg...

0
0

GET cksync
cs.media.net/ Frame 6453 0
0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 6453 0
34 B 22ms
22ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJV0QaIrqnT32gmclS1ruxc&google_cver=1&google_push=AXcoOmSdcnZOZx_JQfnf0DZl81CsdECe2lel2OEfXmswL5WFnZo3Cu87cG5f1WUoG0NDV2OqE5_TeuQ19hAkMA8j-rg0dvb6iBZ8Q_4
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6453 0
12 B 30ms
29ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Juvfa_lYUPRUFEi1_aLi-9T-BAHlYJMuMtIe70mcZYAIDYjzSJiVZzeX_aol4t6QAQ9iqGwA

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0CA2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a46c296585ba434dedc3932c838cfe4695f4fb7491976d36ae281730e917608b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 0CA2 49 B
498 B 24ms
24ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: iXuHxPbG8eFpo-7rWX2pxUkBScNLViT2iysG3OCj0VWeiTw2EMDptA==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 213ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: e20f4a9d-fba6-36cb-bfd8-fa7fff315741

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 0CA2 133 B
569 B 118ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 858387504a5c6223bcb00b8c4ef7bb5e7ffeef1ca4b556aef0bae9c18c60c8e4

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=290d56482d3b9b4191bfb2664310299a61e283205fd4928758acdac544e4ba10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: ff400454bdbe96f4a79d92a762f1ae8a5fb3323a85cd8ab79e4439e6f82760c3
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: ec24ac88-aacd-49f6-b1f3-1c6aae5a287c
Content-Length: 133
x-amz-id-2: EzHBVHvszvdsE5tZZXBeBILX8rZdOck3aAXNQMRP88CLbdy6lqXeS1uIWX26bcEFqz7F91HV46WnWj4LsJH6jMO+hK69MJSU
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 98D8 0
0 44ms
43ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:50 GMT
pragma: no-cache

GET
H3 200 36.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 0CA2 210 KB
64 KB 23ms
22ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/36.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14fdb30698fe1edfbb87904d8edcda380e8ebd520ac5725c2e9673b4d668c680

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JE5jqTVkaSrzzikfUJLYTw46l5zTACeB
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 13:36:02 GMT
x-amz-cf-pop: FRA60-P5
age: 64609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 15:41:24 GMT
server: AmazonS3
etag: W/"6ce58e8e92e962aa1c2ba7880bfe08fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: E_NbK-4UvDfIW0_PdHrJRvYy7BViBMUeRnUumpaN4M41BRSewCVO3g==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C0C 17 KB
6 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F8B 17 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 291B 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B81 17 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E99 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 885F 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A26 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F38C 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame 0CA2 699 B
1 KB 24ms
24ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34947
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: Za72qsei4r4GWF6mkC8yBSrwkG8zMrad-n-2yMAlU69yuUxJP_HMdw==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 0CA2 133 B
569 B 119ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: b160eced6fa1447110a21823a7930befd170b51b3b95166e35a124c98d9920a7

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8d6fd3cbd7b9b820a9555534a70dc370b8b0c889b0dc63a827b279db74873f39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 36b93687cbdc51a20dff4cf53ce1e5920661847aab505a21cdc181f38124e843
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: eeabe3ab-685d-23b9-b37c-5349f48fbe53
Content-Length: 133
x-amz-id-2: fBESv5yxG/L+h+23f8226x4aUcG5cvHrqADRL2Ry5uQL5YtpGbkittgw8IHntSIS4xvfV4UkCfMPckaMpgWXkNkg7zwl6taA
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 0CA2 0
340 B 128ms
43ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=v&imp=2047727536129101633&plid=2521236318193655889&pvid=3412321053989616942&fmtid=36&offsetX=1140&offsetY=159&pvt=1700638368565&stime=1700638370470&etime=1700638370470&viewportHeight=1200&viewportWidth=1600&adSlotLeft=179%2C0&adSlotRight=179%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 0CA2 0
339 B 128ms
44ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=fv&imp=2047727536129101633&plid=2521236318193655889&pvid=3412321053989616942&fmtid=36&offsetX=1140&offsetY=159&pvt=1700638368565&stime=1700638370471&etime=1700638370471&viewportHeight=1200&viewportWidth=1600&adSlotLeft=179%2C0&adSlotRight=179%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 5430642788258857525
s0.2mdn.net/simgad/ Frame 0CA2 208 KB
208 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5430642788258857525

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10811981330cbdb5551d356db50a88ce22539d28800c15b8c5d5aa4c6221642e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 02:36:58 GMT
x-content-type-options: nosniff
age: 190552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212576
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 02:36:58 GMT

GET
H3 200 7502160840059664042
s0.2mdn.net/simgad/ Frame 0CA2 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7502160840059664042

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 04:17:09 GMT
x-content-type-options: nosniff
age: 184541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 04:17:09 GMT

GET
H3 200 container.html Show response
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1FF 6 KB
3 KB 35ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:43 GMT
expires: Thu, 21 Nov 2024 07:32:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6862 13 KB
5 KB 32ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 0CA2 133 B
569 B 119ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 926cb81b96cb5c9cf01ba1351ab70417c29bfeb7ab56de99a145a1735c7cb930

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e24193d5102290024b41cee6478c5465e96180e8580a70f012ced908d762b779
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 365d95fba1a4482766732da34170c2b2a669e08fcb83964ba7f8b5023ad5d363
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: f095f260-60eb-2ae1-ad42-4282647c4b6b
Content-Length: 133
x-amz-id-2: x0CduqC89dIExos6AtLMjJlVVLTpahZTcvEi+onDh/huQ0A4hUnzzK3csRmMK6mMZ34HFIRN3knjuw+0xZLHfmjB3Wn/V4yq
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 0CA2 0
339 B 42ms
42ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=90&fver=6.0.30-F21-36-40-46-48-51-53-54-55-60-61-B538&imp=2047727536129101633&plid=2521236318193655889&pvid=3412321053989616942&fmtid=36&e=11&offsetX=1140&offsetY=159&pvt=1700638368565&stime=1700638370552&etime=1700638370552&viewportHeight=1200&viewportWidth=1600&adSlotLeft=179%2C0&adSlotRight=179%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 565D 13 KB
5 KB 31ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35BE 13 KB
5 KB 32ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BD1 13 KB
5 KB 32ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9FE 13 KB
5 KB 32ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 291B 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 885F 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A26 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F38C 39 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 119ms
119ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: a100a610d043307ba5c98ffe3961584b23d5f455f815c0ed0a156f923ce6c9a3

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=443907e7b0c7edd6c48e044328813b735d5cb046064f0325f7ea84409c02ef7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 741c50458af5f254181b155ae95196305507ba983be34dab9f1e0b382736209e
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073250Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: c404d4d4-7bcc-6bb2-99d3-64367f5b0a38
Content-Length: 133
x-amz-id-2: UzbjTWFkU823pKKRg1kO7uEFYGuEX1JMxkXKxtjQbmmFMS6cWE3rHneOn2bXoViNOro76ulalQNPrH0XZG0q05orLsz0QB9I
Content-Type: application/x-amz-json-1.1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 37ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1700638361464&gcd=11l1l1l1l1&dma=0&cid=381228326.1700638362&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700638361&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&_s=2&tfd=9654
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 679ms
252ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Wed, 22 Nov 2023 07:32:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: f9111f78-f7d7-28c2-a4c6-af9af3404948

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 112ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: d7be0267-87b5-fb34-8a69-b2851b6766de

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:50 GMT
x-amzn-RequestId: d728020d-244a-5820-8aff-b2ef20dd39aa

GET
H3 200 ym.0.js Show response
static.yieldmo.com/ Frame C1FF 471 KB
123 KB 25ms
25ms Script
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 08:45:12 GMT
x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: br
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 82060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 1mD6eVlWiV5vb1Y-G8woRx4UfY3t1iEhzuqBUvlZbUTvgfkYCjaPVQ==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C1FF 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 16:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 16:51:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B52A 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 35758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Wed, 22 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C1FF 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 23:16:58 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame C1FF 43 B
492 B 44ms
43ms Image
image/gif 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3412321065985346735&pvt=1700638369995&plid=2521236318193655889&imp=6204269250043764976&rep_meta=yu_my1-PVeIja3RBu5AyVxJcPUYSFysGr5nGM0uWpyjJjtyjRmCIWGgfamrkfdmbpldG7agX21Z2pVN9J9i57m9WrbKJfI87JwHF3QvJtwikNey_huYedQnZX8iAFGkMkbugbH-R9u3FPF__TShKsyFLVz35CBV8hoYPHhbzzH80oCWWsPgMvuy0_WIzakU4Nw_bnexhYbJdqrZM2WAoYT7DfHz4qhrli_-eh-Jg7cCmijm1IFCrM8Kn5hkybZ3Vxkv0LFhWVG9_VHmw5Yqa9IR9s2OhqZ5DjoiTwXuyw6d7c7CqjtsjehFAHAnC5SKqVnWDncVmK89HmrcFV8tWKq3a4GfowMJK0Ml-0S76kNj1zSVqlgtJutUernMrvlQdHWohWIa84hHz5jV2xGCEprCJpWm9sBzhKnKFfu3SzLw
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H3 204 l
www.google.com/ads/measurement/ Frame C1FF 0
0 29ms
28ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZ2CW9csXQGLjBHSoRXTKSj24WOStzy-TY_ilVjDeCr_8uxi9s9V0C2nhIeymB_vH3_BOpyHIQmYmhn44g0goFYJ4stg
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C1FF 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1FF 202 KB
64 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:32:51 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C1FF 68 B
243 B 44ms
43ms Image
image/png 51.20.166.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6MzAweDI1MA==&v=5&s=v31hfqv4bha&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkY18xXzJfYWQifX0%3D&cb=7888687&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJjbyI6NDg5NTA2NjMwMSwidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjZ9
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.20.166.45 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-51-20-166-45.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB8kVoR2n1ocbVeKWR0fNW0&google_cver=1&google_push=AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCO...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCOD81PjOxU&google_hm=3DpI-skNR3qWj3MHlipBMA==

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCOD81PjOxU&google_hm=3DpI-skNR3qWj3MHlipBMA==

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCOD81PjOxU&google_hm=3DpI-skNR3qWj3MHlipBMA==
date: Wed, 22 Nov 2023 07:32:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQQj6...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQQj6KFc0PGsRy7JmiNMZBgIaeQSfphKe8OwP3jIi9QEsJfDRFT4PfbGiWpe6e2mcQlz1f7-_0Jtwd6...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQQj6KFc0PGsRy7JmiNMZBgIaeQSfphKe8OwP3jIi9QEsJfDRFT4PfbGiWpe6e2mcQlz1f7-_0Jtwd63blmn-G_e94xuuk

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id6ImyXVqJYr7GiASoOsjljrqAgXBJ0esip5Qw&google_push=AXcoOmQQj6KFc0PGsRy7JmiNMZBgIaeQSfphKe8OwP3jIi9QEsJfDRFT4PfbGiWpe6e2mcQlz1f7-_0Jtwd63blmn-G_e94xuuk
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 753215
content-length: 0
expires: Wed, 22 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBFIPfLlvg449rO_aj0K2-g&google_cver=1&google_push=AXcoOmQ4x9vbs5fsuYi_5bZCEM5xqpM0CvzDOe75GNZ0sCruy78CvYv-OWn6EL3BjJTQSpixThZlnV2u...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQ4x9vbs5fsuYi_5bZCEM5xqpM0CvzDOe75GNZ0sCruy78CvYv-OWn6EL3BjJTQSpixThZlnV2u...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQ4x9vbs5fsuYi_5bZCEM5xqpM0CvzDOe75GNZ0sCruy78CvYv-OWn6EL3BjJTQSpixThZlnV2u_0wyyOBdI476KhHyOLo

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmQ4x9vbs5fsuYi_5bZCEM5xqpM0CvzDOe75GNZ0sCruy78CvYv-OWn6EL3BjJTQSpixThZlnV2u_0wyyOBdI476KhHyOLo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSsGFZWq2JGQsi7ZC7aFNub-b08CSr977q-FTO5CABzgV-o6_wmgZIvQQr2OGYD6IxXg5mYG2oujGqNr4aA7BM3UfSKitCC

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Uw3puuvqTy-zKbA4LbwDQQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSsGFZWq2JGQsi7ZC7aFNub-b08CSr977q-FTO5CABzgV-o6_wmgZIvQQr2OGYD6IxXg5mYG2oujGqNr4aA7BM3UfSKitCC
date: Wed, 22 Nov 2023 07:32:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET us
sync.go.sonobi.com/ Frame B52A 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGDpC0o277RoLgv2Krj1x0Q&google_cver=1&google_push=AXcoOmQivn6x6InkpMsd6Xexb2YI30KjT2FLB7UfEpqcVlfUUHcENA09TyVMoX85fCVPWJEu3uTentiPfs8iF61AQ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQivn6x6InkpMsd6Xexb2YI30KjT2FLB7UfEpqcVlfUUHcENA09TyVMoX85fCVPWJEu3uTentiPfs8iF61AQWul5LyaBqY&google_hm=HspkpGZHXCEtjKfnQregqtlM

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQivn6x6InkpMsd6Xexb2YI30KjT2FLB7UfEpqcVlfUUHcENA09TyVMoX85fCVPWJEu3uTentiPfs8iF61AQWul5LyaBqY&google_hm=HspkpGZHXCEtjKfnQregqtlM

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Nov 2023 07:32:51 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQivn6x6InkpMsd6Xexb2YI30KjT2FLB7UfEpqcVlfUUHcENA09TyVMoX85fCVPWJEu3uTentiPfs8iF61AQWul5LyaBqY&google_hm=HspkpGZHXCEtjKfnQregqtlM
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B52A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIVt9u7sY1k1CSssO5Z9Mvk&google_cver=1&google_push=AXcoOmRLfZvNoSIBXgpPXuij3G6829C94IV6BuX4LjT_HlfGATFYRVUzr3ieeWy5pIGKG7k86sAjbXqmgLp292sTvA8ZbV5ZBDY
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRLfZvNoSIBXgpPXuij3G6829C94IV6BuX4LjT_HlfGATFYRVUz...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRLfZvNoSIBXgpPXuij3G6829C94IV6BuX4LjT_HlfGATFYRVUzr3ieeWy5pIGKG7k86sAjbXqmgLp292sTvA8ZbV5ZBDY

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5MDA5MzAxNDkyMzMyOTIyMDI1Mg%3D%3D&google_push=AXcoOmRLfZvNoSIBXgpPXuij3G6829C94IV6BuX4LjT_HlfGATFYRVUzr3ieeWy5pIGKG7k86sAjbXqmgLp292sTvA8ZbV5ZBDY
date: Wed, 22 Nov 2023 07:32:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B52A 0
12 B 30ms
29ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L7tjBx8-k9zNxE47ZEF6tcZJXASys3zfd9OggMnu0-oOaeIG1xjGDqdZa36lUjQZu9Jezg

Requested by

Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame C1FF 49 B
499 B 24ms
23ms XHR
application/json 2600:9000:2250:f600:1e:fdf8:aac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f600:1e:fdf8:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:48 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 4
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: Q1nU-cARFXPEZ9LFqRzOpbv-cT6Zu8jm8pxBlqyb4TqXANKWo96nLw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 156ms
156ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: c9f883cf-5a6d-e7e3-942f-332c5efa8669

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C1FF 133 B
569 B 117ms
116ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 7796a9846d4aaeb35dcca491c639295994faaa796b20610526d6e1c5da4509b1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5bffdd8e71c3d2607f723517cb3a4c6d422fdb06458b5f0ac0652d5161eb2423
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 6a07d06d43f95642146b216c2f9ad5e5925701c1d85833fed451441b5ab6953b
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073251Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: d385ef36-6e5d-f954-8e52-5fd56aca98de
Content-Length: 133
x-amz-id-2: v6Cw7gPkrhblrkcso80Hln+RtzXOvvbsKRLrferNmVDmsP4yvqZRXPNaB4e4P1nY54w+9qoqSKX2QdhnGjwqPt89i3vJdf56
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 6F38 0
0 42ms
42ms Document
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Wed, 22 Nov 2023 07:32:51 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 142ms
142ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: ea429623-8ff8-5e57-b795-26c08b6f3fdd

GET
H3 200 36.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame C1FF 210 KB
64 KB 22ms
22ms XHR
application/javascript 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/36.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14fdb30698fe1edfbb87904d8edcda380e8ebd520ac5725c2e9673b4d668c680

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JE5jqTVkaSrzzikfUJLYTw46l5zTACeB
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
date: Tue, 21 Nov 2023 13:36:02 GMT
x-amz-cf-pop: FRA60-P5
age: 64610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Sep 2023 15:41:24 GMT
server: AmazonS3
etag: W/"6ce58e8e92e962aa1c2ba7880bfe08fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
x-response-headers-policy: static-yieldmo-com_js_text
cache-control: private, max-age=1800
x-amz-cf-id: ZqfV0xdTmpmz0vvF7CU1RjQVV0sJKm796Hjq5V1S3wyverC0b7XcmQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C1FF 133 B
569 B 124ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: ce9d54207cf5c9763f1f4ed8394e11fdc571120e8a3f9931d54a7bbd09641752

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7afe6cd9af6f73a70cf30ef90e31238ccd568c3326ca6d7098eaaa19cada8bef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 153a64438288ed8242cf2c60ca75ad7b6c6069d1d1bac1009ca0ddd0d0ab4615
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073251Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: e7728045-8ef8-5210-baa5-30a68a6f339a
Content-Length: 133
x-amz-id-2: VoBOwl6BoCxRDNm1pSDI9qNsy+eUguDIVkWYrywxoitmyPrIv+fbtZDy3eQ/kUXb8L1P3qiqM/sra4143OMLz1vzENUikr0A
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 0CA2 0
339 B 43ms
43ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=mrcv&imp=2047727536129101633&plid=2521236318193655889&pvid=3412321053989616942&fmtid=36&fver=6.0.30-F21-36-40-46-48-51-53-54-55-60-61-B538&offsetX=1140&offsetY=159&pvt=1700638368565&stime=1700638371525&etime=1700638371525&viewportHeight=1200&viewportWidth=1600&adSlotLeft=179%2C0&adSlotRight=179%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6862 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 565D 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 35BE 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BD1 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E9FE 39 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
DATA 200
OK truncated
/ Frame C1FF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c44ebda8dbdc8fb9d21e091950d81b6bc3d30ce8ed8e36efc584c77579fb403

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C1FF 0
0 65ms
64ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw57doa5dZcWrN9H63wP9rK74D4f0kpBc6Oum6fUEwI23ARABIABg9YWAgPwDggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBOEBT9D6z7MRZEaWGq-yniOuZrKYV8aObCz6vCVHJVX87bZrKILWvkW2Izql-4LDKlw57ka4nVKJjisSUovl4lMhFfIgQK5NUvEa5RwsITtoyIQzC-7eWNydkap7DSQB3AN1h4BUFkO4_7OCvTg7_Oxw7oFP82f1zfyqBioiX6g4bEkl2FQU_pcES1dHJlatnRkopzpIjI6aYVyuqoVj-XX9ANeHBePihlENh_x13ufs8Xa-ie7pp8kzd5mNojkVw5xdTBsXC9DiLgfAqb4YYCI768Bj8a4MCjnTIOCX_5sFtMLS4AQBgAaFodK-0dz1yfwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCJ3lts-L14IDFVH9dwodfZYL_9AVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=pAueZxxN_2E&uach_m=%5BUACH%5D&cid=CAQSPADICaaN1UCXTd1LNzItG8KB7wlYbnkh6rnr7ILl3UQlifzpEzaR7OFoNVeMUrJ8kpRgelcZTV38LpXVVhgB&tpd=AGWhJmtU3Um89TAsnsvq5SfwvBp3df4O7ADjJ_s4XWwaXR79xHONFGY2tK48myXrKYRufBDLHcQIoq3UbxStRJLnkzKHTrHA0OUKRO_4IMMPlZVqpYbiZD_qoK5EWlgmERq2RWCuZk8W7MVp649O_iRuXW0vtGLMW0rn5vYCw6-0qYqVs_x0vTVH0uN6iqF-hAZPl8WiCpGwQexZArbjorRQG7IfU61PYa70oVOI5vLY380iTCQLPbIOmvREiP6UWjhddjOr0KE8w-IbQvoFB83cI9EezpqC0mDEeeW41oxT6V9Mfy-mLqbVbsqnTzI1AwLE3eVknsyQamjHM9sEHRZQj_i7ubId8VJnNL_NhCDfBmxNF__xH-VuB2RRzYM5WWLAB6roRrd4uAu49CBzVgJ0aw5SoGERJxnO8l9U7Xn8nRuNLG3TZQQS_mBPTihlMzT3IwOi0P9SRVvuC-n4pcr6l4AMQXk96Q9YPXA3iZgvnlcS7MuZAFkuugz0krbe0rnqw1ssvzeJ23pX1NbBPijO6nwWqm1wfOgseLm2a3DH2Lf1OyB8RtVTVf7V__IZmBJspIPYJllnUB23CsU3yISBNmBEQQAfSE_t4PeaviHW2RG-fMOXxllBB3IbRYyCH3-oTj5rpwD8bwC7EQdH1w7fmJU4Ubgb-9kWekfU5PkEwLdVip7lo2JeyavGcMA5KEcnspFgW4wFZVzel1VGVuVv-owLk4Jw9AfEylYtGM7LvaZXeITGt3dw-CTDBBQBZQLbMaHHbyyA1APgIwiXhViJaF48D7tPSj6s2BgTlz0v2_Wj8-sDNZIbi8Eo&cbvp=2&vis=1
Requested by: Host: 72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
URL: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ad-choices.svg
static.yieldmo.com/images/ Frame C1FF 699 B
1 KB 33ms
33ms Image
image/svg+xml 2600:9000:2646:da00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2646:da00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Tue, 21 Nov 2023 21:50:24 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 34948
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-response-headers-policy: static-yieldmo-com_svg
cache-control: private, max-age=86400
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: oSFuuGzSR82FRB62j7fwvVFMVVt8wCQwfnsPexvhIGL1PW11fgMx8w==

GET
H3 200 5430642788258857525
s0.2mdn.net/simgad/ Frame C1FF 208 KB
208 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5430642788258857525

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10811981330cbdb5551d356db50a88ce22539d28800c15b8c5d5aa4c6221642e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 02:36:58 GMT
x-content-type-options: nosniff
age: 190553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212576
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 02:36:58 GMT

GET
H3 200 7502160840059664042
s0.2mdn.net/simgad/ Frame C1FF 2 KB
2 KB 32ms
32ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7502160840059664042

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 04:17:09 GMT
x-content-type-options: nosniff
age: 184542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 04:17:09 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: c303810e-5b54-2416-9ed4-31edc786b9fc

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C1FF 133 B
569 B 123ms
122ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 6df989715ad32d6cfc94743b0c67010d2f3e90d15409779527d705a0f6a07b3b

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f48e4cdd8f10c37d04263df14942e265d329a3045c6cd6c006906cc5e9714419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 02e4af4ca261f2fe18faf444eb64e4c3b2d6913fc46f45986a78d0c594b39519
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073251Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: d58a26ae-1509-8f85-885d-964d89db126f
Content-Length: 133
x-amz-id-2: bY3x5mBPsN4tXXOgQBJEysCMlYQFPhrpXgOsx2qQfp4leJ4rJX8KrJmznhphO6ZVKK6ZLDhL94eSAOvzbKAXURqTXTdNdF8H
Content-Type: application/x-amz-json-1.1

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/ Frame B225 0
145 B 422ms
46ms XHR
text/plain 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/postback?oz_pl=1&sr=yieldmo.com&dm=728x90&gt=ch&ci=518423&di=folkd.com&ti=3412321029805258910&to=3&si=2331256393946538634&bt=programmatic&md=1&dt=5184231558719353398000&pp=2518831497914294538&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&de=2&pi=3412321029805258910&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3412321029805258910&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3412321029805258910&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-193-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 07:32:52 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.tas.yieldmo.com/2/2.112.0/ Frame B225 143 KB
46 KB 43ms
43ms Script
text/javascript 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/2.112.0/main.js

Requested by

Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3412321029805258910&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3412321029805258910&bt=programmatic&gt=ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-193-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 07:32:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 46213
Expires: Sat, 31 Jul 2055 09:18:40 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 114ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:51 GMT
x-amzn-RequestId: f76865f5-0975-8b19-aabf-d5160de2ea93

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C1FF 133 B
569 B 125ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 4a5554d8c23eab796709c23adbc1d69132b44642d6c6fae174456fc50cedc949

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=acf35a7e7f772200eabffa6a9d9c78d68cd4a0aa93953b56ac9c51ca54452a77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 4d4760af7c136e99e8467f0064827b88e438b0c9f16849c52cb86b359fe76d7a
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073251Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:52 GMT
x-amzn-RequestId: dd3517fb-1945-f011-80e2-a71f1dd2919b
Content-Length: 133
x-amz-id-2: wRwBn5ElSOk7t1WpaJ1wB/WcOmuYvxcNBVA0oKe724k7vvYNfNLIqCAllzP7nl3yTQNIf5Q45bbnxqwPUwM/rSzSZdejQMdc
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C1FF 0
339 B 45ms
45ms XHR
text/plain 34.251.207.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=172&fver=6.0.30-F21-36-40-46-48-51-53-54-55-60-61-B538&imp=6204269250043764976&plid=2521236318193655889&pvid=3412321065985346735&fmtid=36&e=16&offsetX=0&offsetY=0&pvt=1700638369995&stime=1700638371902&etime=1700638371902&viewportHeight=250&viewportWidth=300&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.207.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-207-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84DF 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CPTnuM2L14IDFcNZFQgd9JkGLA&bg=!qaqlquXNAAZxrfrxUa07ADQBe5WfODNpmTCy0jAwrfxW1BfkG-w5HxNCd-V1IOqJGB0eT6v6ZaPEgndtlXVwjimuQzC5AgAAAjFSAAAAAmgBBwoABHdAme-ZAxtT2vAA-00TKK6Qki3RBHNMt4m-AaBLWExVtuxrIpIIqUlF_Z4-A46MJ_F1QiISKiaTbgtP4Gloq_W6AlA3tbJqROYfRbPyTKwKDMlChCS8EY86-dXa3gmOG12t79RIj5VPoyniHmm8lup7LW80qguc-2b3t7CUsI-cHaMbX4w68DdEwYtCOnyHmzOjyd_yOb_dhq_ZpldRw_97PH2XBC4O5S-harE0ZDoHP7DN_WLsvxAqxbwTNDYqDMJFHBMSveLLnd0JtOfu_5wU9DY4nxENk5aNSKmijFPfzkN2Tpgx7D32Hw-5xZqYlrHKVkJDyXijxf-NoM41ZblRyBo-3wVwsgYfxTBfXjmSs2_mSghYMU4zrkrB-eox6x6x4hT9AHsNjFgOpvk3L3K1w-ymFMjlJaPOb5Nb_6-ghLfcVF3H1U6i5UwPKyrqJcLWiBOeWAXe_U-3XevBGOaZVgV0LDqPHSP2VLThtLD6CyMS093yDjNuo67VuZvX4R61YLjWGiBKSWpp7ZVaL9fwfX3mE3Sv5qVBudQynStD9XBKVHSygYqdc3QP16Q1xUdyqXXWy5EPVUqy4nwTF7Zbtwanl9HH9M6HkgkEpWKBoy5RXvgW_AiKPOKzZYpv9X_kB5FDftIWrcaSZeX9GeBxSNYzYEepBY6vbLGZr0K6c8mIPtoTww6g_JJcrIstKiW0RhlfrPDORq3jZR9aVH0NcfK25Z71brCLrXk2qN3-tvLL_duKVSF2C9SLg1Lk77Y8aCyV3ovZRCCZkIG_uvkeCQDWQ3RHRKNgzarpU-Vtoylr8MPjutWU9G3X2jwq358BnaVz8Xqy0JoocBsgW4caTJfINzP3kcpwafD88kTUMuu7AIILx-LgbP0KG4r5RTXl7D1iQEr2bpQsm8YtpxMe5Wte5zqF6txHIy6VFX1owESXaMCO2NpQ9pU40RF2CV_H1qn4xOsz5fggL852gWtymAnGAIN4VqR0XHl36-sCbTfNKsSUfCXv8CknFfFG05mZFvSVdWA6A7Vy83Tis3TsuF5zURK87Oj2nzZW-JptlSI

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9C8 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COr1ts2L14IDFRSicQod4ykJkA&bg=!Q0ClQA_NAAZxrfrxUa07ADQBe5WfOHajRV_wAt6pPEje-zCR0jjn_RBEP5UgXiM9Dg8V-mJjjSw94iGI_aA8d5r1fOCIAgAAAi5SAAAAA2gBBwoAUPYfm3Y0pxoD_tuztZ6RkH7j9K3UJVkHQFfAhqYoImtZLN6qDdDTJq_E0EGUmEN9MB1R-v7exO-ExlxdZSroxhYioSvivOyNNx9Ip17DptscmQMOJ6P5xBbxEVIcKzF-8CwksZ1HIyN5DVUqF9wW8JEg3H9SuybTPeh-bCewW_h9SMgUO3bJi7Sk8MJLmSbCKyls3E1oX0bi0G12RbjggMmeH_WoeHpCwR7AfltQAxuWDe2f_1V3MbYfdooKuNtTTuKXlSehVKDG0MQzSg5Ara4r5CKcMR0LS-L-6WPWRVWw9nkGW96HDBvR3tmjsWpqwjWdQkPvkYoaGw2HXM4zs59BinfJU4seDkrdGqia4nwQJQJBoeuoik_QAVf3U9Jzir6K28NUHJaSuJij5SmiSQPKZxvRfEehbjpffNFuA6kGmdyfC90SWu9nR-vQUSKy7fYa6hap418b2LkuiptcgxjAn6W-RBYWLXngokAZ0Y22qIoRiK0nNtRd6_RRtWJGgiUmPwrG_MM8aL5pOWAkRlgkiv9s-h6AvBzX-6U14n4xj_0GNBwmHLU-wDzT093zsA7jeudRW65rusE6AeUxjFDYpz1Ub3WIawLIz_UuKxQE4Nqwyqaarhbcr8ohBbczGrca2n9s95FaXMdsrwI3bioaRhw8Gk9wxSg0xMlWZEaXUyVzbQcAYyqtv6vzwSobIB1VL5kG4Ky2hKTwlgYrxRPlVN5wNakFnJ2MUvKnazx7vdllACKa9G7w7_SQRktwF6Dv9qucsVW9R0U8ENZbW6Tpl_Dq-_zjobiprSwMqxTcO2L25SSwU-wHekVE6w6HHJrjtQHBELvgsy4zYHGDWArCGxlwZYyXCB6r5aKStoRi1JgigwMfCWA0fX0DMn3LO2MnsY_sVqAirL4M2d83eWo0EN-jcygjQPABQhvj92m27rSi9sncETNHSY24hUeyYaS1JdXhgh8K0KBA1-Ndwz_QbUFXZLG6UviW6o3kxMIfHZhxx9oi7KTLHTeIxZU01N8lDWCxBZSv3mGS_BB0ZbN04QNdgCf5HeyUYf8T5tcqVTQ1DFdpn7dUKSmds4NVxjkIclk3fsQ9yhNx3MpMSC46sQfn9-eBEQbqEyZmPj707Z-QCgp5KiuecsIusCNohBI

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2138 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CMvfts2L14IDFT2HUAYdlH8BvA&bg=!lpWlldrNAAZxrfrxUa07ADQBe5WfOLOU3gDNK5UCB-s0maA7qqjkot_DYGUVTKVbjLjBUXFHTub0tCuY7PPmGHWrPQCvAgAAAmNSAAAAAmgBB5kDEtmzJB0vXDVYPCLuXa7Jv18UurXE_p4x7_cHvIpQfLgI_bkSVEpcUXrqngVcKTN1QAWPrzMzkIdqz1o_ChVayAkL3l4pA1iMyB8pNJ0AmqF0RWSHAIBBVlQ2Jz_4ngbWcnv-mxvxXWgWaMUKf1Z8TI30klnzg7BLeYNuDzTHun0Djajgkl72CDUd-aadxJe18PFK4nmftRvJxbt1pEz83CkTBPWAy5v7dDdcG_Hlv16hamX2JbbOJfUHbRjeh7trRppWM_2osNcQJ2kpgK4EJ942CpIywdJVPDW_W1b9wxmK81QXzQHcu0hRxkgtn8Bv09jpQO1YXv4ndYKKioPnvgxgm86I4IE4VP3zvCFI2TAEQJpbEGg8iNLlFOjYHAI9TU2sySp2jCy_thOY-5OUkgqFd-902P27AV_g7StoJoAswfQX7_P31FQ3w7jSP7rDX6ogz1YMYoDpfhJxlSWRh6vx3JSBEoaJnApoz2QYci_3oB7wozXXTRq87MUsnh5aasEPCgLujyDc3-DQuMwTy9kb119jHpCcN3zClTaXQTjjhX7-FKlO_lVnZaptzvraQHxXRx-Mu0XssG8wfsuszs2m4uU9MEjw3JDLUSAs9YcrjYMm92OExwPCSEw-0TsqyJayX-ZhSVbKSWj3jcNin5sLMEsZAEKkp7PXqD4r5kMelxnYd1Fdb1UzZTdfSsFm0T7sAuXnjl50ux8wM0dWM32iKTl6N47jo5z8AnkFkNloWHqZnFjhfntRrOcSidwdXvC-obG5p6JeOx3nBX3c9PoVKQnzmUNtNJ5E_SzOByWTPSiqbWhHbxi5V31qyOX0ceEDjJ7eRLJbGKiJJLkiD5MfGRd5jY2C0Mi-RzpHEGDdmxKgKDMRdWKIKuyKQTBmLjN4qcQ3DZgh22l87Qk1nV4rTom6ISZkt1KeTV0bpKhMeh-lPNzOiYX_HFdvhf_bmSa9wf2x7hUn4VU3SvZjZgeVq5DEgtHMARYAObT84cIV20NKpQ687qSdN52vA1EZqFtPNxthcHhX-qL3dhato-Thsg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F593 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COz6t82L14IDFSONUAYdhlcBfQ&bg=!lZalltnNAAZxrfrxUa07ADQBe5WfOIav3nTmnMfXT2493WtQxDQjyOtuFPS8j8yPQJMkOyYlXzScOmy0zEX0uLY1r9aNAgAAAqhSAAAAA2gBB5kDC8eFT9YURLQ6ADtQnEa6UhHpYa58oJwCrujWUsmdVEdyNOIqjYseWtTXfIPYkNidaPOfRsnkdGi__nLtO0bzSle8U6xRUG9l5A4_wctmD8PYDSjJ6Oryt22pYThm-sJfmOZ_f-_3pWQtqChAenK16UUVl19Rk3QY7o3nN9s3i2XMx-5pCF6J6P1kAtKXweg_6X1wt5RjHOWvXSTARxYnfABW9xGJ4fI9Xs0Br2NWwLj1l1M2v_CpKBUtoOcsQnLcV_3L8oEehMw4v_LCulMIZt61EHWQadUDixGyGsuPqHjO5ddC8KbXtOlOv7NGNR3zqRQW_VqPkDIOxkhMB53-4tQzPZDrd3dRSiO6BJeqOe2WQ3pTzISQH7I9K5SvGIEdnCRK73lxOFc042G2rXin2o4ipQcx5fr5UNMfZAvwUGG8ohXsPTeo0gjj9AuMFIMfXBNzpOpF_WxQo1Q13qpq8CEVUiTMy7oC-X3rxW3NdvEXEgI5NUCFkkKVo0dAauGZ-lX8Pw6rFHsjYYtEMAH-aDvoMPIw_Mub0aZV-LiJSsgfq0d9eM5qgK4_jvZCNQ53QieMveMXl05aCMtgWi9I-FOvl4zKrXQEj-txPqqK_c9DR5Q2APyD2zOWhVcgmjK5Q7thcoHUhpH82S8Yo1WS_NKIpzMKnHvD8PgsCfAOZ0KnHw9w-MmKQgfPNnQZ7hbPl8mQceJQNDDSWo2wuIAr_M55BD1kmro4geTYjEIcgcUEw11DU2sX0h370GL0SZkVvSam_XY62IEfhRNzmZC56N-6cMmr0xmW9HlQyGT9Z4pDTM5giDwx0WwF77NbQinkxcznNfACIJ1YF1ZCIXWYuTcHQqEJjX8EnxLt4BN0fTbTk3aLSNFXOgg1mNH1iEnOetWBIxdDCHsE9v0ltOpQZtc3Pt053wCZFtACyKpfdISlKftX7yVqz5LD9w6fEhxmhi1cHTsg0zyOGhSYxn5N496rSRFdnTCc-JDg-xSh7DZdPrlCnN9qaFfZ47g3mdfAAE6j_73B4rKzh0mC

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/ Frame B225 0
145 B 151ms
40ms XHR
text/plain 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/postback?oz_pl=1&sr=yieldmo.com&dm=728x90&gt=ch&ci=518423&di=folkd.com&ti=3412321029805258910&to=3&si=2331256393946538634&bt=programmatic&md=1&dt=5184231558719353398000&pp=2518831497914294538&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&de=2&pi=3412321029805258910&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3412321029805258910&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3412321029805258910&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-193-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 07:32:52 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 112ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:52 GMT
x-amzn-RequestId: f5da71dc-7565-7426-a80d-c138e9b7e9cc

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 118ms
118ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 049351e05aa186ff61433d38b8628d8db7067dcb6e4bef8b6043efca8295efbc

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=dc6ab01df0641e07cb562759703ed74c6d695abf5320a033ee0279c3030130cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 7494c974ee72fdebd974f5a1a2eeaef0235bfebeca4220c5e0c50d81ec2be529
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073252Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:52 GMT
x-amzn-RequestId: f35477c8-cda7-9afb-ae83-c72c51750711
Content-Length: 133
x-amz-id-2: Xb6r8N0UZzz6hx8rDeoB2pkeqham2XV+VovOAVG3daKFSV/PVpPuOzJ8voDiAjpNhG1BdnPLceOskT6KT97NAk+XAo/b8SJ4
Content-Type: application/x-amz-json-1.1

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/ Frame B225 0
145 B 163ms
41ms XHR
text/plain 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/postback?sr=yieldmo.com&dm=728x90&gt=ch&ci=518423&di=folkd.com&ti=3412321029805258910&to=3&si=2331256393946538634&bt=programmatic&md=1&dt=5184231558719353398000&pp=2518831497914294538&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&de=2&pi=3412321029805258910&sid=AmJrC-ADEPZO4-aN&oz_sc=7d6bdd2b64b390b35c9bc6c7&oz_df=1700638372105&oz_l=3834&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-193-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 07:32:52 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 19ms
18ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=d387daed-9e60-4c14-a162-c5c47fd6593e&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 866378
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4A3CC3559F174FFABA90AB65B3BA31E5&RedC=c.clarity.ms&MXFR=35425CF3DC6F659326A54F22D86F6B6A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A3CC3559F174FFABA90AB65B3BA31E5&MUID=205FE87D80B967902E06FBAC81BF66F7

42 B
444 B

43ms
43ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A3CC3559F174FFABA90AB65B3BA31E5&MUID=205FE87D80B967902E06FBAC81BF66F7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 54E28B2696F9431FB1E74805E8A9979E Ref B: ZRHEDGE1110 Ref C: 2023-11-22T07:32:52Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4A3CC3559F174FFABA90AB65B3BA31E5&MUID=205FE87D80B967902E06FBAC81BF66F7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6139d79aaeed0cb80556c652d7898fadac6428948d236b2515b9d9dd076d2d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12355
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 0CA2 133 B
569 B 121ms
121ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: 4b91c22973a5da73c5ac9c891047e4759f25e8221d0716ad3f3ad3469d62a8b5

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=93c40eccb90dca4802a1ebb466092201a4657247bf7fa401b37d5bb632af2a29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: b97d96784552bb329de838ae6777d668580b0c4eef8fea5ad3cee51c4db8fe91
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073252Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:52 GMT
x-amzn-RequestId: f39f89f5-9aba-9e23-ae48-39119e2dffa9
Content-Length: 133
x-amz-id-2: AF2WHR6uPxK/0cqP6s61G9DA/I1pgSIkPg27l6Q9AZO1HPu9pNuIXPCtBjpIeyjJG0ucG7kXvVv2t0VzmcuVb0QAHhjv6Q+p
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
112ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:52 GMT
x-amzn-RequestId: f6bf622f-a117-b2f2-ab68-d2cba580d378

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 35ms
34ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1287771812&rv=3b81&u=AAAAAAAAAAAAACCA&h=Ag&gtm=45je3b81v9135293448&ccid=135293448&cid=G-7BR5TDFFPC&l=G-7BR5TDFFPC.L1320.S3.Y4.B24.E10717.I1377.EC6.TC12.HTC0~*.S0.V0.E958.TS5ogtgasend.TI15.TE1.TS5ogtsessiontimeout.TI17.TE0.TS5ogt1pdatav2.TI18.TE1.TS5ccdgalast.TI19.TE0.TS5ccdautoredact.TI20.TE1.TS5ccdconversionmarking.TI21.TE0.TS5ccdgaregscope.TI22.TE1.TS5ogtgooglesignals.TI23.TE0.TS5ogtgagamlink.TI24.TE0.TS5setproductsettings.TI25.TE0.TS5ccdgafirst.TI26.TE0~gtm.js.S0.V0.E949.TS5gct.TI12.TE0~*~gtm.dom.S0.V0.E928~gtm.load.S0.V0.E60~gtm.init_consent.S1.V0.E29~GA4260.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:52 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 07:32:52 GMT

GET
BLOB 200
OK 87af54f4-d2b8-4fe5-b707-96a792a151cd
https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/ Frame DE72 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/87af54f4-d2b8-4fe5-b707-96a792a151cd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
BLOB 200
OK 00f1a520-81d5-4520-8d16-3fa29f0e1406
https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/ Frame B225 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/00f1a520-81d5-4520-8d16-3fa29f0e1406
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 817
Content-Type

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C0C 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COPBt82L14IDFV1kFQgdzugNSA&bg=!Dg2lDULNAAZxrfrxUa07ADQBe5WfOCcRGHpsKvH_-xSrDVmxa7QXOgifIPG-Ko1lOrPmclPKhwLsKaUXzf-OyQsObih5AgAAAZVSAAAAA2gBB5kDIpBxngF-C597YCAyTKmbX7Aq_Qlddz2zxRvpPOgy64lAdWV4kI15xXcosZs8NHiflrGJJ7-QAf2rduPQTC6v0PTR4gmUnHE8xfD9r2wTq9NPX2quXy0H4W0VcNc8qKH6jApjKQu3wUZPoZQMxTO0RVTtJLwCpE39b-pmeKzYkEmrxRqV8rOLPWoopkjZ9xtAI_WkzNF7Qj4Jq7h2PXStDthhXBbb9CEz7vxQvIYN1eJlQ_BcAiz_4SgzlU9DbBfeRzJOYJYpP43SWDEFUio9iQcuiLLShJDUQBouTkuGIMJv8dsqJIFPk0C9K0lKyUWiXfW0s41r5nNlDVoRMGr3UOd8dhrCNUU2JTT6000W-pTykYbnsA3gLDDnTCAKBL3KHsFSqRP73FeFT1m0xQ0V49b5JSqElzTJHIqP8PoHmgd-zrOW5OIDh9tAYzZqLAmPpRO5RQy5gZwa-dPIO6XHjAyfn6ckkdOtjIfBF0qmdciSa6nAeMLF5zmVzJybS7wdH-BTTWU-DL3pmhgai6ONC-Ws-APYQx373VBeVlJ8QkrTXrTK5QktqOxmsBd5AbuGTAhGEd3ZJwrQ-rhIicoQQezW7h4tfgz7yDPxqFIy1KRpck6AdIdQwimuwDvP3_ZEJd8yS2bhymmA0eYOEVA6m_IRxO_dCLMgzQXkT9r4zLFoKX1nTMNK03vMwXtww1VbKp9q1mBhEOXVg_ETwWfUCmtztqdQrZG71HHGhYZSqHrLOe6kik-iD9CjM7aGrXwBqUNxlkv0uN_rEetThkOdnsc874RCZz2PzqCabbS5L0wl0LH0m5U3Br474LRQmdXnoFNTn9toNykOMbx_8Yp-rVWt3FL9hQsT72Nle7In8YXv2EqmJ30rejSJEGEBjEW3j6xsC63YJ7ZVj8K_Fep3lhcdZh_-caULUlB7tiLeK8xfTZWkQyBkTaf4WJDzLOwZU_TtNvfNJh0_rndcm5z7FhfAom8mIBKunhzpnppNlK9gefCabPIuFscSwKoOXyiUwajLQLCURrDtBHhv7j2S-DpyrcRKEiIHaUHTKed8kf0WMTg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F8B 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIuxts2L14IDFXO6cQodo1oBAQ&bg=!JSalJmnNAAZxrfrxUa07ADQBe5WfOGuYYwmglL01GLYJQtq-9m5e7c3YRuM1XP5oeoJoI5C4TNb-6kSlpARgL0HzjTslAgAAAYVSAAAAA2gBB5kDEy0XPMeTXtEwY5utNe01sEatrdNB__C3k0q5LXn7BUd9N2yo1liEeUbeW16mvucfgVSmSCXvYUUoLv0wVU3P0Ey3BPSFmsInA3hmWkPEMS3Ei26HAB8JInwX27bDzbupjI1C3w6uJtRybsAHUFbr22k7rRD8W14daOuaFJtdlBfMt2KwVhncNY9v_7zoYfx8THV7XQJULD_E1X6z-KD7wZqoWQmQQpDfPDhYhdqT2SeEOXshLWqIomcWNT8knnCjwt9_EW0MFUajakYU_udIs1ZgGlIgCA_yFDkySopnYDAgNvGkrqRzAcUVzbnoVCVyP52Hqm3cH4o1UEX59dfsE8PhEvS0ikJM2PN63u2PwSnhTjpc3D2aC2KhWYUjpnVJPBDEnY2OtVws97uBNSx5hNfaU_FzzG_Szq9t58NCxPWNDCvKh6oe_yiCoTQA6VC8mVE9qWo56QIQXwYdUI7BSMl5lCZU1tFS1NCPEuvEcdBDreJSFS0rgSmLzPX1UsV62GgqcGzyJuSPYvyDC29FJGC6WmJjDPXcgfX4RF9DVX20YFLpELb8hUFOt4N3JXQDZTMVlsxdGz_-f1PfuNnnOTyoICYPj1fD8DKoM_o9SoZKULyLqaqszKN46GnqjrLEPEH5loMVGDpNU5dU6sAHT0M0pUxfLO2scW5N9RU2V-uxr4qNLUmfMUbGw-E25HaIGse7xHb-bvZJrCpYZbnv62lh-OJCWW-e2nfaffWWRbs6nV-yJB2iHvteFd1yr2F6phIfodCjyJRhlWKcqRyvi5qHJvs9eEoDw_yhxTqUXy2ZXpLMoWuaJV4_9srFxLgAZ3q1yCgowZSxeni9qndEdG8Uip3Tss8tQwgfTM5yhxIOcGTJ94m1MQTwt12s3c1dVLmSMtwCUfhvMHTamZPKXSB4_TTS6kJiCGw7OqOk13yFpjo7YIRd0vUP663eYMNqeRUrKkKRu3AInmM1D7b2CICxY0BlInNRVnJk4avjfqHXuCFgb505Mj85JkuH3i5gSMjT10N_lDarTB0eKAWfWiErwpQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B81 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIm_uM2L14IDFSRAFQgdk0cN5w&bg=!dnWldTrNAAZxrfrxUa07ADQBe5WfOHYCB1dZeVCnjhrI8u817j1remEUhiklGzW5JVr8qhVRhk9kSArgQMTmcfxO-JWPAgAAAX5SAAAAA2gBBwoAHhzXAXPb-vBdDePiizg9Iz6O9p0nYGpabPqM5X2ISJkDFSdaIrEQn_vRVMI-x6xA_bzIo5sgiNVJll617ebLheetMANlggOOZfmaTIqOKA5ZFcydaIaPaCqhNAcWdH5B6yy6yurZMD0aIvLOiKyOazUoAaUvxbAef9Axbcl9aCD9dK0M4sdrs4ArGmn4jWIpQshxCgdrjZq3fomPgFPiEAxAlO5uD7wt7zZt1TTG-C1arFpZTvfACcrRPljApnVHB8at2rfeAkCkMmjPn_VhgkyXuFYZP1Wcd-x21cfzbPTIXBvpkQ4sQAb-1DsJWoA1X6bXm_f7zGeBrZibVl90PadZcv5gfm8ZwK7u3ahHJ76kyRVlt_lAvUN_lmMYK0-hiIBq3VKiZOerikTpJEQJCEusXtU58Ks3tSFnNZMX8saS6kDe4LR9L1hrTb-F4sCcx4ilu_ZrQ2XmcJOXb5Y6XAy9Vnt1On4MUXRNiq4WjjgBq0eaO-WKPsmLolqjVkOspx2_zqKSXJM1nlM4OcRxl3tJICsbr8KrHfvrGLf1HBZM3ejapaAvX4Vm-i2ZL6MFi8wFA3CfnOuOKWAtW8nLm-RvGIGJNEZWX61H3zDqls_K55NbFFfiOIy2QqEXQi-EyUu4uKB3y-LL7daWQeB6GocQ66gyA9lPQltvFcVEWlUxn4Zk_9hCTJCE24Qz5G44Rk8w5wm4svgOoX3YbaF8ZpIGlE8yexVAtp-WzA3X4xOlizYY9vSi2qK7QTYpGfDkTSkPjzyy6xQEuKCLI8UuZ21VwyC_RRWZ_ARDwjA1xh92YMFQxhoF-kYb6XEX2xTjKHGVCz8TiV2CtWgQz569o5m9tWWY6HxRK54-oYYF4fgzcyVPtgLciKD8QspoL4OKltev0bMUlJLiNAjxSEpwZWb5kGNl7edA0fMQDjgbR08MK4TOYo1xdR73KZJdkJL50X6Sz_4HrYuJ1d6tkGpLf_WaDoTO511V0JlumDqLB7yeyEIC0G6GvZkbPZCBc1JaPJoipGZvHWEu36vduRADxULFkAry05IapTyvayFOuw_Stzu6LsXHlSwSTA6byUWj8GnzuSq4nQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E99 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CLuCt82L14IDFWqEUAYdJREFeQ&bg=!7e6l7qHNAAZxrfrxUa07ADQBe5WfODDmG-GN5Qbi3LGMTgi6z5wy4qts2kFD11OPZZL0wkl8gdreMH-of2QSLPAFQ3blAgAAAXxSAAAAA2gBBwoAF45Nw-ZaJV2LplYsl52jvWfeH5iefKddmQMGhatKOmLDYUQL2ygBFnsgu9yaf5FVIjTBCnA1uDUm3ZRTk6Ri2J5c4y4EFtxf--vQKWVG0FVrR0E3XkPASrghTpWo6GGecFwvm5VTDIEn2DMPPl6iVbg8VQXl51MeqjCK0FjkpMMQLFhkKxFPk_3eSseRSe4LRTsBaOMGETmzANHTSI-ZUtN3WO2THYr3OKJQoIVZOn8rRoYdTLBK9YUkaebfxcCcRIiOUQtW6gRMHPeH8UwilEblw4ZBDSI3qYCUgxjS0gtdIWYdZ5vC6RML2uzWpD8G-A7NbwMebM_HQdcTe9ewxwhYVlClmXbm4yDDlNW14UoujlAOoDAwbe2SnvZBtUTzatDNWlFF-PN0tzfN4JKPF_jIa2MjmpaTS4QlCIp7VbQ-Rmf3fxm1j_tyjLJFv92ifHwPX5Ss_ze7pmISQb1u93CvE54kDD9XQt3UrftP4lhOWYQgTcRxip28l-8a6viZMpSLnDB5tN5YGx4XQbcezQa2WtQL9eijb1gL2FJsIFHC9UC214PtbDiQxqs4dr9q3remIcVA8mzc0qR6nAfTp-PWhqgR7-7UHvqsSNJzTckygy1paX1Gp4ylV5tRirNohAvUq7Pvy8lUprVtA-j5EExqs3jamqtvz0JseE_6RsBCICAvAE8X3cwVOWciDSf_taRNFmquQ1OQBJz3kDUOzYN45ImzRqhlaCPmVn1j1y2XwlzMFrgVPQQuJVy9ICgrkybuWOxRHQWggArpe_fzi9_B56gjtKtmHetKhKnV5_PFrHjSYTQ5_HgUtsMuSZIL5vyUuVxilhF8wKcoXTsE14tnSq0zFvnj8nHQheS2LWmt82jGFbpekg3Ba1OCZLJqnCGVRQTYieVa-r4csfcBnyO7YgUKr1pmFPqOEoe6Q_cvcySY9NGIDcvzhR-gSsQdqaAIf5Eq4sxy4NUhO6MyKzprC5XoEeHju15-rSh5XOJTcQuAiejK1xntTCXNIxtWY7mAhdSmY6jStTOwYufBjPjlH-TPi4apU2VuwnXkZckS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C30F 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CMKw5cyL14IDFcljFQgdZ9QFrg&bg=!srGlsf7NAAZxrfrxUa07ADQBe5WfOEBbUVAFPouUbkp8p8gy5bJgFpERpDXgCwMVawFT-YWkKmUCX1BNEQIrSU0CJlVCAgAAAb1SAAAAAmgBB5kDHdsh9lA7PzCsLZRgV8qNjvwK6c9ASc7Gdv-lXNXfpd8HZwUN24TMJNrRuE5dPl-42GbN2kSCrKpLQTVr1d6zci8r79fyXO4Jty_XOv1oxAChMA1kJU1xT8o8AEmG7dbUABAeh9mlbPkq8CuZ03CTxdjXoeKMfSl-0G8JuY7ozPx3F-RLTDQ20GAkXNJQW_y2bh6wW7yU2gMsFnWLuNC-sDwpjEIg4nPXyqOU9KmXgQsvBB9KOz-XMcHifS19y7LEm_vOAcLtgDxSe0qAxQfOGebgVQLyqqGs_ADVOuOkt0TgZMCLMIKj1ZwtTVyxSOVZ5g89DC_8uluJU5RxjWbY0SqXGdzqf_xiKusz7Tw_dsyY937ifGhJO2G-WGgwemeAF5nVnWWv2k8qGjRHQMuHK2z2HY5bCZtr4nG5lVoO5Y8bFoJQUDYlTNK6AR30zr1ttYnfhE-cYccyU8DYHJUGRZMRNGz9PpNIG9Z9KEIGQZCILZm53yrmaKkRAGan9ydbhObCSrTAx2clyofOEfWpwZGKdcAUMT2kSN0El0vKzosuFwdUXwzCrMDtaeYmuBA1EtaVEvgcyCY5qSd9pLPz6M3A6WVKjY1SO-KjUauBiOVBmZY4TkK7hWIZiJT7P8R_rLGNqq1X_zRGdm6t_lTkWkav5eLNyHv6QhFtV6mAO-Qxy34qonHmrbn1CmgMMT6nGoGDay-yQ2kxJjOAOxmeP1JA4dMp7fJpnNNX_9uU3yCd6QkSDMd0qxXXSuDPkV1FxHP5upHtTLUxbcNNXhDi1q82mLB_o1ihk13ij-yz50RwVPTVqZW-FgJi3PUftGBF3EP0U8huDLY-tzb7CJPEPyVlbPVu9p_fsAZ7Zm8tQM4NkYJJs8Bjh74Zql_sdsCXnMKXIqK2BwmTTTQrSKrCrn1d3MfT-Tj_ZiRc4EIMgPvwnqeuzQdKabxb_Lfhjwd__IEVZ5K0yZUPb9U3oCHB7itcqAFaitb3GPh3kFkBh18mLCoVQKbTzXBbAvY6OsBiPBUl6I2c9kF8knF5SbqlDbL9JfaS1Pqz2P55q-5Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 07:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0214 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 40060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 20:25:12 GMT
expires: Wed, 20 Nov 2024 20:25:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB95 829 B
559 B 31ms
31ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a78018bd658de1d5cea4a08ba2e62cd21a5502481d4985df80d034bbeb0ebba2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JoUz19B_SkHNup7r4fCJ5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JoUz19B_SkHNup7r4fCJ5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:32:52 GMT
expires: Wed, 22 Nov 2023 07:32:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/ Frame B225 0
145 B 82ms
81ms XHR
text/plain 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/postback?sr=yieldmo.com&dm=728x90&gt=ch&ci=518423&di=folkd.com&ti=3412321029805258910&to=3&si=2331256393946538634&bt=programmatic&md=1&dt=5184231558719353398000&pp=2518831497914294538&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&de=2&pi=3412321029805258910&sid=AmJrC-ADEPZO4-aN&oz_sc=7d6bdd2b64b390b35c9bc6c7&oz_df=1700638372387&oz_l=13405&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-193-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 07:32:52 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB95 0
0 55ms
54ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=1960253774774635&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0214 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0214 0
10 B 28ms
27ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9ONk7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 07:32:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/ Frame B225 0
145 B 41ms
40ms XHR
text/plain 34.249.193.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/AmJrC-ADEPZO4-aN/postback?sr=yieldmo.com&dm=728x90&gt=ch&ci=518423&di=folkd.com&ti=3412321029805258910&to=3&si=2331256393946538634&bt=programmatic&md=1&dt=5184231558719353398000&pp=2518831497914294538&pv=26d423c9-ac23-4e2b-8d07-aa3f1d5f8ce9&de=2&pi=3412321029805258910&sid=AmJrC-ADEPZO4-aN&oz_sc=7d6bdd2b64b390b35c9bc6c7&oz_df=1700638372648&oz_l=72&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.249.193.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-193-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Nov 2023 07:32:52 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=1960253774774635&bg=!WlmlWRbNAAZxrfrxUa07ADQBe5WfONjSVMM0EfVP8XSjwRHaw72KwhPIODY-Rk3wkosOi6C3ClNKBV0jvWW57NGyVUBmAgAAAE5SAAAAA2gBB5kCtXDMaW5U9d-JGz3cigLGy1C4hWxVWOZiT_vbwqfsu3_LbYmfhM6eZXUe1b9mjYDkj9UQo-R9sGBtfB4nH2JmgbYAiNROvVTA_quH7HXyfCMKuUqTTKN5Cy4qGSQyYqoD9XsI8z1GjClGHMMLVdjPyXE6SdcxhbId1gvaxZVSZkEVwU50pFx-EY1kzGmPg79eMP0wb7zAKEii-DFgrxsD3t4mAWhC6CC1j1llN4KdmqiPEeO5Xqh5yfySTP2FAxuEtxu_HUYXz0QKJRFrj-3xDgDhrNSW6uLfggCghtzRRx5b5HHCmUf9pLHYGRVPYqdVSsfANNtvMgUwqodMDcIktNqKjNU5HkdmVVJUurVK4WU1cuGVQMmJNgh2Y3o_v1fcrNBnHDgv20V_raSjLQL18J6Y-5F1mp_Zx5ThBKqE8rap154LLUkW7BFuyKmExTkXblpxbiUXcfr95m0X6pLt268ULeQpImVFJ65bp3d5jTH0-4_ds_34ta5nFJ2vDz4QEfCuq5fnibhGLLsfn_qAuNsOxtjjHgf8WObtZI0aeV11g9cZJ87e5MtFhNFNLQ7MAXZmCHrAJecWI7O6miN8aqTPHEGQkC9WdTRfTPFB7e0MXpciK23Kx-BNkmvnRENxwxHiGXW997LN0aUCYk51sAiBlJ5aAWOQ8dNyIcSfjTeQz7bv8dqdk9ZtWWKgQvAfiHijNgi7jyYi2px-ZcG8miBJplw4Fh4OLGw7E_z3Rwq4iI-Yjgf7GvGQrktDAAqVwrxU9utwVSgUyyoro1xu6qJZ4MdodH8OqImSOjMkQURT5BmvjRDsYLoANGZf7n3eUEZmlbDe2qwDsK0sGvcPrU7gBS_vNJne92q2HzTJK_bRhsQSHxzwLLkDzc0jQACzgLi7J7NNw5YNif4wCra9_g9HQypqBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 584ms
583ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Wed, 22 Nov 2023 07:32:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 113ms
113ms Preflight 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Wed, 22 Nov 2023 07:32:55 GMT
x-amzn-RequestId: fc1826f9-dcd4-d824-a1cf-961ed843b9ae

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 6E3A 133 B
569 B 125ms
124ms XHR
application/x-amz-json-1.1 3.91.171.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-232.compute-1.amazonaws.com
Software: /
Resource Hash: a631989b84d18b819b7895142d51fb111152410b922e5050a965c318789e9217

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231122/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cc8b941e4991a04d411c33e90d061b49aff65ab2ce3caedf2fd28304bfe41123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 4885262adea76f24e1e395a769ce99e06ca9b6a6e49af5fcecf2dab489e97cee
Cache-Control: no-cache
Referer: https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231122T073255Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Wed, 22 Nov 2023 07:32:55 GMT
x-amzn-RequestId: c08f74f0-72cc-7eb8-9d58-c417765b1f32
Content-Length: 133
x-amz-id-2: CRHcfiwjzuhQqI5W+/K7lttL7c2ycB7W3Wih7Xfq3bHEjCLsdBIEzCaFXubjIEVMacHC+jR+IKnQCjpAEls3VD6CRVrwYczN
Content-Type: application/x-amz-json-1.1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wpi.sportsbookreview.com
URL: https://wpi.sportsbookreview.com/pickdev/2021/08/16144901/sbr-bull-apple-icon-180x180-1.png

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp

Domain: wpi.sportsbookreview.com
URL: https://wpi.sportsbookreview.com/pickdev/2021/08/16144901/sbr-bull-apple-icon-180x180-1.png

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-aed4d127-19e6-4301-9d16-4d3596549d75-003

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FSr133vvQ31llzYFQnr&redir=true

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTMwREU5QkEtRUJFQS00RjJGLUIzMjktQjAzODJEQkMwMzQx&gdpr=-1&gdpr_consent=

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FSr133vvQ31llzYFQnr

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: sync-openx.ads.yieldmo.com
URL: https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=d4a85ddd-3d8c-0218-3c78-d2330a7c1e34

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: u.ipw.metadsp.co.uk
URL: https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=${BSW_USER_UD}&bsw_param=dc3a48fa-c90d-477a-968f-7307962a4130&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3FSr133vvQ31llzYFQnr

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/26980?limit=0&id=3FSr133vvQ31llzYFQnr

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3FSr133vvQ31llzYFQnr

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__

Domain: sync-adform.ads.yieldmo.com
URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=254002728751764508

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEIMt3I-7N9x3Dgt5uS-equ8&google_cver=1&google_push=AXcoOmShLE_DNUd1uDz08nhOSL2Ldik8f-Nh1lL9AsKhtp2H7-rCUlpOk5BdKyXJ9se_18-uQ7Fj-jQLSzvqmiaZBQXCKjbn4-2sVA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmShLE_DNUd1uDz08nhOSL2Ldik8f-Nh1lL9AsKhtp2H7-rCUlpOk5BdKyXJ9se_18-uQ7Fj-jQLSzvqmiaZBQXCKjbn4-2sVA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRIewqoDW-C04eNdwGpgwVhKJOLZLBu7bVLY06XwzppKsbh5XiKWHQ6LV_2NPCx0FF-hDf-EEnHwtEe7lwpNI7qnhAcLtST&google_hm=3DpI-skNR3qWj3MHlipBMA==

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0MDAyNzI4NzUxNzY0NTA4&google_push=AXcoOmRdhxwGG8dOZJo9ZknViaAeNW-65bHfH0UMPLMSux8eEDMJlPZaFtd3o24VKjPttFqZJ06AJ009L1ujuWVjq2GheajEkrTk

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFDSaaK22dnG49-F_hamc9Y&google_cver=1&google_push=AXcoOmSXym0qPJ4KGiSodTAl6iVhRYJam0XpIXyXHsqUFwttbgXuYI6UdHa618AX7SEoDjk5HV4ST8MVTyEntGwQgSShhTzHL0XPZg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQkn9VlDbcQZevrHIoXx0_TI-yjsE4nfbczSaEg3YPGE1A3sNP6DirdSbO65kCWRZQbaBNERP6J98I1RaB2Qij--ZneEi2fdw&google_hm=HspkpGZHXCEtjKfnQregqtlM

Domain: cs.media.net
URL: https://cs.media.net/cksync?type=g&google_gid=CAESEHJtAFqwDJKcq5hRzYpdxMI&google_cver=1&google_push=AXcoOmQrxZQLroyxatzls1cLgGKTcBGesCzRR4KG7OmQ0dII__WT5O1LHGP_u-Tviu9ISWd-vBfrdu0VmHq2hzTuEuQVcrjJf8skNQ

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRDsLXukYpK5c5bZ92XqTbBhKqFch--KzZjtiWbBgAMR6dajQCWnv-6ZDJtA_Li4p6rRlvj3lAMY6Ws2F1GhKtXFOefH0zf%26google_hm%3D%5BUID%5D&google_gid=CAESEJsLkmb7S-g0EYQmnZICErg&google_cver=1

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
folkd.com/	1970-01-20 16:28:17	Name: folkd0612_live_u2main Value: 1700638360513x270602361098784450
folkd.com/	1970-01-20 16:28:17	Name: folkd0612_live_u2main.sig Value: 8jt4qEVzXt0y-V4_laTwiY09oAA
folkd.com/	1969-12-31 23:59:59	Name: folkd0612_u1main Value: 1700638360503x874548307957905300
.folkd.com/	1970-01-21 01:59:58	Name: _ga Value: GA1.1.381228326.1700638362
www.clarity.ms/	1970-01-21 01:09:34	Name: CLID Value: c6ff30e983a8415ab9d60fc4821876d6.20231122.20241121
.folkd.com/	1970-01-21 01:09:34	Name: _clck Value: p4yas4%7C2%7Cfgx%7C0%7C1421
folkd.com/	1970-01-21 01:59:58	Name: session Value: d387daed-9e60-4c14-a162-c5c47fd6593e
.folkd.com/	1970-01-20 16:25:24	Name: _clsk Value: 2za1j1%7C1700638363772%7C1%7C1%7Co.clarity.ms%2Fcollect
m.stripe.com/	1970-01-21 01:59:58	Name: m Value: fc196093-58a4-4330-a5ee-0d68f3fb4177ef962b
.doubleclick.net/	1970-01-21 01:59:58	Name: IDE Value: AHWqTUnioFD8867rSl3yIJr6vw01XWz-Ut32yMliYAnTtNSfye0uST-ZGCd6jfuDYwM
.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: ce2bd49ecf3186e359ff14998103efe80477b2ec-1700638365
.criteo.com/	1970-01-21 01:45:34	Name: uid Value: 8b5e5047-1d29-4616-9c70-1a5f39e07c4a
.folkd.com/	1970-01-21 01:09:34	Name: __stripe_mid Value: 6ac20058-1732-4716-a7a8-4f88e57b54aa6ca951
.folkd.com/	1970-01-20 16:24:00	Name: __stripe_sid Value: e031e659-205f-4ae9-920e-3d20739fe5680dc956
.crwdcntrl.net/	1970-01-20 22:52:44	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 22:52:44	Name: _cc_id Value: c7434103bea388bccb332eadd7aa23e0
.openx.net/	1970-01-21 01:09:34	Name: i Value: 630ff199-060f-07ce-3bcb-06b592b03857\|1700638365
.openx.net/	1970-01-20 16:45:34	Name: pd Value: v2\|1700638365\|n0vNvQiygu
.folkd.com/	1970-01-20 22:52:46	Name: _cc_id Value: c7434103bea388bccb332eadd7aa23e0
.folkd.com/	1970-01-20 16:34:03	Name: panoramaId_expiry Value: 1701243165820
.folkd.com/	1970-01-20 16:34:03	Name: panoramaId Value: 409424dc0ef6aeeec59e8dd90ac1e32246b0b0866ddf9b6314212bb0359e7b0a
.folkd.com/	1970-01-20 16:34:03	Name: panoramaIdType Value: panoIndiv
.www.kryderlaw.com/	1970-01-20 16:24:00	Name: __cf_bm Value: x.pg4gprH1TYRJE4MbquID9GV1FejMvtmlD.sHzvW0E-1700638366-0-AeBbULsXcDL40M/ef8LPK0MkQc0+B4F+Pk3T73rGs/FkVJvyPF1kXKXhLIzK/H4dp8FcwUAla8r7TAlWZNm4If0=
.folkd.com/	1970-01-21 01:45:34	Name: __gads Value: ID=8ea307d0f66648de:T=1700638365:RT=1700638365:S=ALNI_MY4XfW2sO3sqoiOMvKEDK52gZ1Yug
.folkd.com/	1970-01-21 01:45:34	Name: __gpi Value: UID=00000cd6c9b2db67:T=1700638365:RT=1700638365:S=ALNI_MbBmeqV2kl7IMmFuFEmRWJxFsI7fg
.yieldmo.com/	1970-01-21 01:09:34	Name: yieldmo_id Value: 3FSr133vvQ31llzYFQnr%7C1700611200000%7C0
.adform.net/	1970-01-20 17:07:10	Name: C Value: 1
.adform.net/	1970-01-20 17:50:22	Name: uid Value: 254002728751764508
.amazon-adsystem.com/	1970-01-20 21:43:39	Name: ad-id Value: A1KAoaO9RkeOjzhe4qEvqKQ
.amazon-adsystem.com/	1970-01-21 01:59:58	Name: ad-privacy Value: 0
.travelaudience.com/	1970-01-21 01:54:12	Name: _tracker Value: %7B%22UUID%22%3A%22FB46658D-F9F1-446A-210B-54948F22A7EA%22%7D
.linkedin.com/	1970-01-21 01:09:34	Name: bcookie Value: "v=2&052428d0-6fac-4081-8c63-a484f9e28bd4"
.linkedin.com/	1970-01-20 20:43:10	Name: li_gc Value: MTswOzE3MDA2MzgzNjc7MjswMjF+UjMNmMCDgnI7zB7ftrAZFkBtbJx3+H1zj64OelgloQ==
.linkedin.com/	1970-01-20 16:25:24	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3019:u=1:x=1:i=1700638367:t=1700724767:v=2:sig=AQFfIh6I0bALEysZHq4eOnJ1kUWEyDCO"
.folkd.com/	1970-01-21 01:45:34	Name: cto_bundle Value: V5K-019pTE0lMkJLOVpYakYzaGs1cWx2NGN3ckhHRkRsZSUyQkxtelRKMEklMkJBTGo5MTBnSWZFMU42Z3FuMmJsTjhTb3JhMFZlRyUyQmdBZUZ5b2g3JTJCVTVtVGFBek5ZOHZIJTJGSk5pb2pRVTd0MU4wQnVkNjYwZjROMERCNGR2UHgwbEdhT1U5NkJaViUyRlZTdWRUSTFOWkt4ZVZhcTRBYk9XdyUzRCUzRA
.acuityplatform.com/	1970-01-21 01:09:34	Name: auid Value: 855339880763
.acuityplatform.com/	1970-01-21 01:09:34	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRX0+IgGOmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV9PiIBjo90aGlyZFBhcnR5VXNlcklkWkNBRVNFTk43UXlqekVXWDZyLWFKX1lZUmQta/v7hnZlcnNpb27C+w=="
.ads.yieldmo.com/	1970-01-21 01:09:34	Name: re_sync Value: pp%3D1181838%7Cbsw%3D1181838%7Cadfm%3D1181838%7Cgoogle_supply%3D1181838%7Ciqzone%3D1181838%7Ctapad%3D1181838%7Cyahoo_supply%3D1181838%7Cmf%3D1181838%7Cbeeswax%3D1181838%7Cneustar%3D1181838%7Caa%3D1181838%7Cb%3D1181838%7Cc%3D1181838%7Ccriteo%3D1181838%7Cloopme%3D1181838%7Ceps%3D1181838%7Cstk%3D1181838%7Cdv360%3D1181838%7Ceq%3D1181838%7Can%3D1181838%7Crc%3D1181838%7Cunl%3D1181838%7Cmnt%3D1181838%7Cliveramp%3D1181838%7Ct%3D1181838%7Cadtrt%3D1181838%7Cbluekai%3D1181838%7Camazon_supply%3D1181838%7Cz%3D1181838%7Cpub%3D1181838%7Copenx%3D1181838
.3lift.com/	1970-01-20 18:33:34	Name: tluid Value: 1590093014923329220252
.bidswitch.net/	1970-01-21 01:09:34	Name: c Value: 1700638367
.bidswitch.net/	1970-01-21 01:09:34	Name: tuuid_lu Value: 1700638367
.bidswitch.net/	1970-01-21 01:09:34	Name: tuuid Value: dc3a48fa-c90d-477a-968f-7307962a4130
.everesttech.net/	1970-01-21 01:09:34	Name: everest_g_v2 Value: g_surferid~ZV2unwABeuvZOQBH
.pubmatic.com/	1970-01-20 16:25:24	Name: KTPCACOOKIE Value: YES
.lijit.com/	1970-01-21 01:09:34	Name: ljt_reader Value: HspkpGZHXCEtjKfnQregqtlM
.casalemedia.com/	1970-01-21 01:09:34	Name: CMID Value: ZV2unyIIgauQTeblnfMpnwAA
.casalemedia.com/	1970-01-20 18:33:34	Name: CMPS Value: 1162
.casalemedia.com/	1970-01-20 18:33:34	Name: CMPRO Value: 1162
.pubmatic.com/	1970-01-21 01:09:34	Name: KADUSERCOOKIE Value: 530DE9BA-EBEA-4F2F-B329-B0382DBC0341
.rfihub.com/	1970-01-21 01:45:34	Name: eud Value: H4sIAAAAAAAA_1vFwmtobmBgZmxhbGZhaGAOAA6iLIIQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ0MrQ0NTE3NBLiM9RNKskodU3xDjTwKkkBAPOR4rIlAAAA
.rfihub.com/	1970-01-21 01:45:34	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ0MrQ0NTE3NBLiM9RNKskodU3xDjTwKkkBAPOR4rIlAAAA
.go.sonobi.com/	1970-01-20 17:07:10	Name: __uis Value: dd351fb4-19db-4585-b2cd-76af2ce8d523
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8540\|ZV2uo
.media.net/	1970-01-21 01:09:34	Name: visitor-id Value: 3436399687251719000V10
.targeting.unrulymedia.com/	1970-01-21 01:09:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-aed4d127-19e6-4301-9d16-4d3596549d75-003%22%7D
.ads.yieldmo.com/	1970-01-21 01:09:34	Name: ptrc Value: CAESEOWuvJNY0359t9o9Rwx4iDs
.creative-serving.com/	1970-01-21 01:45:34	Name: tuuid Value: 37d6431b-d07e-46a5-9fc0-2fcb99e34bf8
.creative-serving.com/	1970-01-21 01:45:34	Name: c Value: 1700638368
.creative-serving.com/	1970-01-21 01:45:34	Name: tuuid_lu Value: 1700638368
.c.appier.net/	1970-01-21 01:09:34	Name: _auid Value: 8aCUti-4BGi2vuKAoK5dZQ
.c.appier.net/	1970-01-20 17:07:10	Name: _gu Value: CAESECCJfzsRZCGXPb_4PC4VwRg
.adnxs.com/	1970-01-20 18:33:34	Name: uuid2 Value: 2975953166841500249
.turn.com/	1970-01-20 20:43:10	Name: uid Value: 9109471186860667620
.bidswitch.net/	1970-01-20 16:23:58	Name: bsw_origin_init Value: 0
.1rx.io/	1970-01-21 01:09:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-aed4d127-19e6-4301-9d16-4d3596549d75-003%22%2C%22nxtrdr%22%3Afalse%7D
.tapad.com/	1970-01-20 17:50:22	Name: TapAd_TS Value: 1700638368587
.tapad.com/	1970-01-20 17:50:22	Name: TapAd_DID Value: 75cd31ff-528b-40ff-b364-009ad8ec1800
.pubmatic.com/	1970-01-20 18:33:34	Name: SyncRTB3 Value: 1701820800%3A220
.pubmatic.com/	1970-01-20 16:25:24	Name: pi Value: 160648:3
.pubmatic.com/	1970-01-20 18:33:34	Name: chkChromeAb67Sec Value: 1
.ads.yieldmo.com/	1970-01-21 01:09:34	Name: ptrcriteo Value: 8b5e5047-1d29-4616-9c70-1a5f39e07c4a
.ads.yieldmo.com/	1970-01-21 01:09:34	Name: ptran Value: 2975953166841500249
.yahoo.com/	1970-01-21 01:09:55	Name: A3 Value: d=AQABBKCuXWUCEFcM4RfgTGNGdun1h6zHEboFEgEBAQEAX2VnZbti0CMA_eMAAA&S=AQAAAphNSp9ritMVaynh-iVNEW8
.tapad.com/	1970-01-20 17:50:22	Name: TapAd_3WAY_SYNCS Value:
.rubiconproject.com/	1970-01-21 01:09:34	Name: khaos Value: LP9G6BG6-1D-3HGJ
.rubiconproject.com/	1970-01-21 01:09:34	Name: audit Value: 1\|fFI5S2uFIUbGkGkEwR1mh5YQpwuD7gvCQ1n0ADUJ5IGT5JOdE07T+4liKeHoUYWqZs1NXHCtetkkEa5N2k7U1SEEFoCDRlfYJ2DmEZQSqKHpBSp8AaqpQEQWapJMVzbWcy58ZLjs7i8=
.zemanta.com/	1970-01-21 01:09:34	Name: zuid Value: k2RuwYIl9wvO9fvx3aXn
.scorecardresearch.com/	1970-01-21 01:59:58	Name: UID Value: 1ABf749bbcb67d29b648d8c1700638368
.tribalfusion.com/	1970-01-20 18:33:34	Name: ANON_ID Value: aYntXLyKalHobWm8ZaCyPqMJaMkDtiZdqYhEi6ih52Uk3VbGZbrVOVtBWUOe415ltNkcFOjBlP3WcbpZbNMvtxyuro4kcfZav
.folkd.com/	1970-01-21 01:59:58	Name: _ga_7BR5TDFFPC Value: GS1.1.1700638361.1.0.1700638370.0.0.0
.bidswitch.net/	1970-01-20 16:23:58	Name: google_push Value: AXcoOmRqjGLlkF3UyenMgY5ldiiimz__XubBatG8SbDCMp4KVG-Z8KJYKmXZT7N1yuGogo1Bgf3fDIJsiQCEJNbMfaCOD81PjOxU
.bing.com/	1970-01-21 01:45:34	Name: MUID Value: 205FE87D80B967902E06FBAC81BF66F7
.c.bing.com/	1970-01-20 16:34:03	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:45:34	Name: SRM_B Value: 205FE87D80B967902E06FBAC81BF66F7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:45:34	Name: MUID Value: 205FE87D80B967902E06FBAC81BF66F7
.c.clarity.ms/	1970-01-20 16:34:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:23:58	Name: ANONCHK Value: 0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://wpi.sportsbookreview.com/pickdev/2021/08/16144901/sbr-bull-apple-icon-180x180-1.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://shamlatech.com/wp-content/uploads/2019/12/OG-image-Shamlatech.png Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://folkd.com/ Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp' from origin 'https://folkd.com' has been blocked by CORS policy: Request header field x-coalias-route is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://wpi.sportsbookreview.com/pickdev/2021/08/16144901/sbr-bull-apple-icon-180x180-1.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://shamlatech.com/wp-content/uploads/2019/12/OG-image-Shamlatech.png Message: Failed to load resource: the server responded with a status of 403 ()
worker	error	URL: blob:https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/87af54f4-d2b8-4fe5-b707-96a792a151cd Message: Mixed Content: The page at 'blob:https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/87af54f4-d2b8-4fe5-b707-96a792a151cd' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/87af54f4-d2b8-4fe5-b707-96a792a151cd Message: Mixed Content: The page at 'blob:https://72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com/87af54f4-d2b8-4fe5-b707-96a792a151cd' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
72a70af9186a108e1046fab9ebff2778.safeframe.googlesyndication.com
a.c.appier.net
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.creative-serving.com
ads.travelaudience.com
ads.yieldmo.com
ap.lijit.com
astrologyexperts.in
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bttrack.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
dis.criteo.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
imps.monu.delivery
invstatic101.creativecdn.com
js.stripe.com
kinesis.us-east-1.amazonaws.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
miro.medium.com
monu.delivery
mug.criteo.com
myfirsthomeincalgary.ca
o.clarity.ms
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
orchidhousepainters.com.au
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.tapad.com
protected-by.clarium.io
px.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
risalafurniture.ae
rtb.adentifi.com
rtb.mfadsrvr.com
s.tribalfusion.com
s.update.tas.yieldmo.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
shamlatech.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.yieldmo.com
storage.googleapis.com
sync-adform.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tpc.googlesyndication.com
u.ipw.metadsp.co.uk
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
wpi.sportsbookreview.com
www.clarity.ms
www.comfortkeepers.com
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kryderlaw.com
x.bidswitch.net
xeqe-t3lw-i7hv.n7.xano.io
xsync.iqzone.com
yieldmo-match.dotomi.com
a.tribalfusion.com
aa.agkn.com
ads.yieldmo.com
b1sync.zemanta.com
bh.contextweb.com
bttrack.com
cm.g.doubleclick.net
contextual.media.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
idsync.rlcdn.com
match.prod.bidr.io
oajs.openx.net
pixel-eu.rubiconproject.com
pixel.tapad.com
rtb.adentifi.com
rtb.mfadsrvr.com
ssbsync.smartadserver.com
stags.bluekai.com
sync-adform.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync.go.sonobi.com
sync.srv.stackadapt.com
u.ipw.metadsp.co.uk
ups.analytics.yahoo.com
wpi.sportsbookreview.com
xsync.iqzone.com
yieldmo-match.dotomi.com
104.16.137.79
108.138.7.10
13.248.245.213
141.193.213.11
142.250.185.226
149.28.187.227
15.197.193.217
151.101.194.49
151.101.3.52
151.101.64.176
154.59.122.79
162.19.138.82
162.241.169.31
172.105.199.172
172.64.151.101
178.250.1.9
18.196.230.223
18.202.86.19
185.89.210.122
193.0.160.131
198.47.127.19
2.18.160.23
20.127.253.7
2001:4860:4802:34::36
216.52.2.91
2600:9000:2057:2000:19:7d10:bd80:93a1
2600:9000:2250:e800:a:e047:753:a221
2600:9000:2250:f600:1e:fdf8:aac0:93a1
2600:9000:2646:da00:1b:83f3:bc0:93a1
2606:4700:10::6816:3556
2606:4700:20::ac43:47fc
2606:4700:3033::6815:26e3
2606:4700:4400::ac40:90a6
2606:4700:7::a29f:9804
2606:4700::6810:5814
2606:4700::6810:cc42
2606:4700::6811:190e
2606:4700::6812:18ad
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::201b
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a01:7e00:1::b903:5c4c
2a02:2638:3::3
2a02:2638:3::c
2a02:4780:11:1189:0:2e75:d040:3
3.121.33.140
3.91.171.232
34.102.146.192
34.120.135.53
34.213.255.230
34.249.193.45
34.251.207.202
34.96.70.87
35.186.236.140
35.190.0.66
35.190.39.111
35.193.186.65
35.244.159.8
37.157.6.233
46.228.174.117
50.31.142.31
51.20.166.45
51.38.120.206
52.152.143.207
52.59.133.66
54.187.159.182
54.239.38.253
65.9.66.97
68.219.88.97
69.166.1.35
76.76.21.21
013d885eda8966389a63c217309811e038a9016aca05b8d842e4f54a0da040f5
0478b6ad8441ca6a6bbc6b2b479397ad4eeebe429e37c6fd4d18591b16b4c371
049351e05aa186ff61433d38b8628d8db7067dcb6e4bef8b6043efca8295efbc
064f931f0f077b50d9f416898e9ec573ea23c64c8c391cbbe9b65d6c0b6ec65d
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
0c44ebda8dbdc8fb9d21e091950d81b6bc3d30ce8ed8e36efc584c77579fb403
0f858701b04fbf281fa89cff16a7aff239b2965f8c49eb26e96c6c3247128789
1077c36ee5ab9be963afadb3ec0e46e21dba39976758833c3fb41135c05c6e90
10811981330cbdb5551d356db50a88ce22539d28800c15b8c5d5aa4c6221642e
10cfc93d2658ee387e1c219abc157474f4f3988e88364dfca82986c07f3d0c9c
1103674b5182811a62327c01d21cfc2ed96f58eff30ece5c6901e5a00f6ef4ce
13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912
1443a4ec910a1cb604121681627164fcbe3a37f50c1aa6f79f9b846b38844f4e
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
14fdb30698fe1edfbb87904d8edcda380e8ebd520ac5725c2e9673b4d668c680
15bc7f40ab051513778fb6f28590d862e7bb4cae006e9f63f6bcfb2859b9c9ad
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278
183997e50bd1afb425258d050eb076a6256be84a793b80567eb687bdf0c1269d
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1916cddee60e4888519d06a0ddd77725d0c67b549f9c049fdfc1b02f2f90b094
199e2d50eea1c6d696ce542e1afe173150db34ec9714fb5060ac14cbfc23cb28
1a2a7c1a22b6efda1bd648110cb8e22b462242c29fcd2dcb25a5cf96d8d0bc5c
1ae68ddf97e49d9de0d00a97709fb1c4be42ffbdb02bcf15c44b47c1010f3e9e
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
206a00581dee6490474255fed79f58893a25fc42c6e9208f2b1100231a01de8e
20b8a04ea44d942781249f77efbaad21b0d7ad9c0bd4de0a0dfc0c7201dd3493
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
23ef1d30f7e992de55352af06ac87f98c63c17def06e8a036727a9b5c1576a3b
2568c4a6f6f9b752a6688472ea393b12fa06edcf0c546afa626de347b095f665
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
267289b0d00dd787ac769fe7d243f6fc15fd7d721d67656bab04a5ea874a4441
27040dc2a6fbf853d7a18bee9494a88aae83cfcaa8125defaea64ea4d1071910
2819a6ca8f1a380b778754b1580589ee2a3775be935abcfd16a3185c47f62469
2a98a4d357c7ee1fbb84e52b6e0d481aee68ed203b01a03ce9cbb8c5843abe11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d37428c6f753f05d086f89607b514a4ba4329e950fefbc6baafb269ac37fdef
2e5639a5d8e9448d505cce0e874beb30aa14cb392ed1ff0d16b16eff7647894b
2ee89ca5e71b351597d0bcfa53a6629cf0d395671a2ea97b1978f62ef32585a8
2f8e874dc205f7fb50d131c372dd437a7b2f1566684c7c73b53638072a3e8f20
30e05e41a50fd1b6f788d1c6b39b0f59303e3a4f04796920b8751462169915d7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c191651d39bb217303b26d43756d5b1a33c7b1caeed6c00bf4b84e18684bd1
326b1b6d000e21f049d96bc3516ca8fcb72476ec5697e401b8b90054dbbb9d24
33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3693a101674abd179dc5b0324d5cdc1cda16acd2210141ea8e83f45b482d4e22
37b1f01b5c861d556b510948adfa56c3920ccf971ccace1f62294006f8462c7f
391745d698a9b473b2246c5c425b2c0eefd8afeddb702284646be40f6f70d57c
3b0c76b541232b9b6f58db707800bacffd44e2f166236bc42b96613677def7a0
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
450693474694c84145ceee9ff8aa588aa61866a2bb4f8dcbc2fa9a60f55d9dba
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
464b756f2057463749d04fd4aa6b323baa694f4ea800d7c7d084caa71fe6cc88
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a5554d8c23eab796709c23adbc1d69132b44642d6c6fae174456fc50cedc949
4ab709475ac54d39d8c7b123b4ba8dacb8f2b9f61f1c82a888115c5fe86ef695
4b91c22973a5da73c5ac9c891047e4759f25e8221d0716ad3f3ad3469d62a8b5
4ba94c52637b2c45e037b7d2a59955862ebf2da292d0729b9bfa2d45c0ab0315
4cfda82d6ced2d4669f3d1ab4f1ff74cd01d9362ca23cc53f3f7fe7279396da3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb570915065b0ec2ab1de72c19116d5b5d1e2a0caafcfcce19bbca14075da8f
4fd5a8bfa052cba6133543ae307b33a3910d1fe5f178d30e448a35c139fa071b
52529a97f90496728672f65772811c6f1b9547eaba611ccaa90b36f2927abea0
532b5eca9f1abfff095c2367688b0b2ef6a3a507b84261dabfe9c63ccf0f1a5b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
550c3b3ce95d602480fa09c8dccfcbba3b1c5aace700ea5c84b869b5e8cfa45f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2
58ff86ea9d4d7f9d0515bcfb43746d38824192bda31d81d43a45833c021d2e64
5a6a90940be3c5fdfc01a9419ff10b7dfcc05199c4909868122af197ad67945e
5bfc91a9c814d6b0b3658e8f085b706d3a8e18fdbed6ee33aa548c47080a013a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3841cd551648f6c0770cb8e59f7b5c6323abe4e9a86e063f4f81f20a5aa92b
5d4c8ef8044f87bb52ddb627b09ed380eeb737ebcc31750d88081a601759dc70
6139d79aaeed0cb80556c652d7898fadac6428948d236b2515b9d9dd076d2d4c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
6657edd372823e68a53c23ab49e04d0e474c61c3720a08ffb7be90d97e04b9e1
67664636e41f19decd95b994404788cefb43fde6744cb8bf81f9d7271e59764b
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6df989715ad32d6cfc94743b0c67010d2f3e90d15409779527d705a0f6a07b3b
72d18baa0d48256379d7e6616226233e128d21d5dc01932db2213d4476c55d7d
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7444e5e9f69692f6a3f646ce26dc7321047b04dc25948308d08fed565b73f3f1
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
768e258de254709aa8bff00184c69ff5639eb796bf61e4efa3a0bf9528de53ea
7796a9846d4aaeb35dcca491c639295994faaa796b20610526d6e1c5da4509b1
7a53622feebce4ae80bfbc6a9f1b08ba21bf6e57beb368fc67309e6da5698ef5
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
8065a1611128253a5d241c8322c3d8d6fa44130970063c666678625c96fe0910
82336376eedbb339b0b9e4cdaf2712ef637db4afe2bcab6a14bbfb4f80404980
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
858387504a5c6223bcb00b8c4ef7bb5e7ffeef1ca4b556aef0bae9c18c60c8e4
8590270dbad0ab5e49bab98f9280d69e5265658a6aeb27a00521baae9348244c
85912f64836b944ce5980d0c14b5b08705967f84e6d6ab852f7641628f0545af
86af77627c4b7dbeb1f510e2dd19123fe873b4ab57799626761f6febaec28e55
88871b51ece3fcd50b57852d5fe96edef94dd83ea3b93f6b1cbe2a97214995ad
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8d253bab413655d49ac0a53400f60ef2673a6842f26e59c25e5f3680b37c2af0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efe4cd73d994b8ccb8848df4047351ced52b5083e7b3eaa21486c3a8829ed4b
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9092189a0058ff54780839ae3e2e088986b498b5207e3be214b6f5f2ff4b8715
90f5184d022dacea92af2405c04a9246ec58975e59f41d4f6033320c9e4f9ae8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
926cb81b96cb5c9cf01ba1351ab70417c29bfeb7ab56de99a145a1735c7cb930
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
95c40285dd40680acce8f9dee923f4bec456e53c2ecfc0c8e80fe473b48bb71b
96bae9e4c43f1853af93f87123d3f9d9528ac83510cae59f6d5041c83f48f8ae
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
98867c4dbff449ab235d758e4a6dfdc47f8f9c4e94ddc0494e5a3b360529445f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
9c13cc428e876371e3b18e93626afff136c05dbcf4c1b1fd40acaf6a9302ceca
9c37bb778fc7b255e25165fc65d00035534c7053aa8e87bfefead3a93353f1d3
9c452287277338bb066408546c8c571ad1de50769b102e84c61311b8d7573e3b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a100a610d043307ba5c98ffe3961584b23d5f455f815c0ed0a156f923ce6c9a3
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a208496dfa326d37261c7bff8cec2b0213f3d391d61a11075ca12b485a6f4727
a2b9742fed50b16b24335856583333a386421f9eff041d93c63982d02eb3caf8
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a46c296585ba434dedc3932c838cfe4695f4fb7491976d36ae281730e917608b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a617d7585a2cabd9c7e5ea1688892790b3b08a999e9fa30ff6c0bbeefee0a3ca
a631989b84d18b819b7895142d51fb111152410b922e5050a965c318789e9217
a78018bd658de1d5cea4a08ba2e62cd21a5502481d4985df80d034bbeb0ebba2
ad489d0eb4ec4fbd72195f8e366894fe44f7a6ccba0b5a05f87cff5dc9b3575c
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0c5317963e4cf14e1b75ed3a218377301448f39eb0115d085071c6e27db37a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b160eced6fa1447110a21823a7930befd170b51b3b95166e35a124c98d9920a7
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b7013b3ab5a1cdef208db2ac82ad1f1b9e323d4a04fee3a53d06a7077f1fc2d8
b805ecbeddc57cdb267383c92a9533a65d56e44e1b91bb7df081b2ff1cb57df3
b85b4aa9ff267765d768fceee96cdb7b52f5a8c1a4799d8c09b5cd8dfef94653
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bd0ac0b2b430d5454b0569611fdcc0102fa30d7fcf2b7e96f81b90045d953a12
bdccc13e1bc24ac7baa8c4d0e697fb4fd963f8cf0708618f2bdfbd34fa949d95
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29917f0cc65b2c9d60e116ac9f83af6148eded94e8fc53be669f2fcae61ffb3
c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54
c4223cabecb3cdaaa96355faae946e8b2b7d14ee205f84642d8f5eb3e2abe25d
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c80e9f7f33090322ae4f531186ffd6f6ff1e5739167c0577d58ef6d833f9a6ee
c865243855d79999fd97d21577b469613c54b6eb5014d9f8a4f64a9a546f2a30
c92b46bd89f59a0381152c84bf1524ab70cfefb2bcd09ad35750e870f972a529
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59
cd522b9d94e3ecb4c468f9221e5b3564d43eb3bc492aae80ebce602c31345e03
cdf467d3463fd819bc21d8e8079d2c45e19a0a5eb7e8ef71f943244c283dfe18
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
ce9d54207cf5c9763f1f4ed8394e11fdc571120e8a3f9931d54a7bbd09641752
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d35f3eb70fa204cfe4c501ab29ac841d65d26ae2d070716f3fa436a5deeec050
d50661fff894e10589786abd64c14ae41fec6a7c9941b8b249a24edd6188c4eb
da349fc5e90eda9fc4d41a02fd4152fc657825a488be965e7d60ddab6de05018
db13da20fa0a6b43aab6e93d2dd03a0301fb7a0081fa4d745beaf39460f767ba
de6e1e7ead1471c72f45e9cdf2fdbc38fbcc88d13ba8f0c5214803fe301a9f33
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0d8140dd4a3acce569e304ee25611b9da00b27b139b2ab15a697d715aee8062
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c9de93c9bb2b920fa850e5d2fc5ac23474fa967a3b0ccb1d79e273bf296c8d
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f23df0bfa7d0a0342df618af970d3a96ed6385c420084934e34337ab8c0d8fb1
f465383b81584f551cea0601a50393a568fbd4f63927be670b1af1af98042c03
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f565406d1d70700bd116bb757c8f4991058b9be7bb5832634f83396ed8d41c97
f58931d59bc21fdf982606d989220a1ae1a45c65b51e4d9f0b6d5c502d04710c
f9db26cc4a5ececf2b730187e781db0e354251ae4c7103743651bdfe2ab360bb
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcf9b6dabd71f6ed32615c64054f36fad3ae7b81586ebcc8661d8ed49f4cc791
fd78b671404104f6db1e72f41217d187b59095f680f78ed3ed3119e4ed721a75

folkd.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

751 Requests

85 %HTTPS

40 %IPv6

86 Domains

112 Subdomains

64 IPs

12 Countries

9954 kBTransfer

27092 kBSize

89 Cookies

10 Outgoing links

Page URL History

Redirected requests

751 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

751
Requests

85 %
HTTPS

40 %
IPv6

86
Domains

112
Subdomains

64
IPs

12
Countries

9954 kB
Transfer

27092 kB
Size

89
Cookies

751 HTTP transactions
12 data transactions