www.kold.com Open in urlscan Pro
2a02:26f0:10e::5435:a1e8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tucsonnewsnow.com/
Effective URL:
https://www.kold.com/
Submission: On September 12 via api (September 12th 2022, 9:49:31 am UTC) from US — Scanned from DE

Summary HTTP 328 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 75 IPs in 10 countries across 63 domains to perform 328 HTTP transactions. The main IP is 2a02:26f0:10e::5435:a1e8, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.kold.com. The Cisco Umbrella rank of the primary domain is 351306.
TLS certificate: Issued by R3 on August 19th 2022. Valid for: 3 months.

This is the only time www.kold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2a02:26f0:10e... 2a02:26f0:10e::5435:a1e8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a02:26f0:11a... 2a02:26f0:11a::5f65:1731	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
2	52.222.214.127 52.222.214.127	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:e400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:497c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.36.162.26 23.36.162.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.73.204.82 52.73.204.82	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:0:3... 2600:1901:0:3b3e::1	15169 (GOOGLE) (GOOGLE)
5	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
9	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:ea:... 2a02:26f0:ea:4ba::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:dc:... 2a02:26f0:dc:2b0::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:fc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
20	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	52.216.110.21 52.216.110.21	16509 (AMAZON-02) (AMAZON-02)
1	54.237.24.134 54.237.24.134	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::864:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::601:1	200325 (BUNNYCDN) (BUNNYCDN)
2 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:c... 2600:1901:0:ccb0::1	15169 (GOOGLE) (GOOGLE)
1 18	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	198.47.127.22 198.47.127.22	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5 12	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.51.9.18 184.51.9.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 23	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 18	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 8	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:907b:7a9f:e2d8:a678	16509 (AMAZON-02) (AMAZON-02)
1	52.50.89.178 52.50.89.178	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.19.197.203 52.19.197.203	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	15169 (GOOGLE) (GOOGLE)
1 1	34.203.21.169 34.203.21.169	14618 (AMAZON-AES) (AMAZON-AES)
1	52.30.247.235 52.30.247.235	16509 (AMAZON-02) (AMAZON-02)
2 3	3.67.157.21 3.67.157.21	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	34.199.163.65 34.199.163.65	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.236.72.34 34.236.72.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	52.29.20.174 52.29.20.174	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
2 3	23.75.246.168 23.75.246.168	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.59.78.133 52.59.78.133	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	52.213.127.205 52.213.127.205	16509 (AMAZON-02) (AMAZON-02)
1	34.209.30.241 34.209.30.241	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.79.143 2.18.79.143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
328	75

9 2a02:26f0:10e::5435:a1e8 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.tucsonnewsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:11a::5f65:1731 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

gray-kold-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-127.fra56.r.cloudfront.net

www.burst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:e400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-26.deploy.static.akamaitechnologies.com

webpubcontent.raycommedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.73.204.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-204-82.compute-1.amazonaws.com

www.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:3b3e::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ea:4ba::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd331.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:2b0::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:fc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.110.21 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.24.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-24-134.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::864:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

staticcdn.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::601:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdnmetv.metv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:ccb0::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

operationchicken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.89.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.18.126 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.51.9.18 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-18.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.18.19.126 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.54.182.161 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:907b:7a9f:e2d8:a678 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.89.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-89-178.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.197.203 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-197-203.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.21.169 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-21-169.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.247.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-247-235.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.157.21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.163.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-163-65.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.72.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-72-34.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.63 (Lincolnwood, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.20.174 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-174.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.246.168 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.78.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-78-133.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.143 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-143.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	858 KB
48	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 188 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	317 KB
35	casalemedia.com 10 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 755 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709 r.casalemedia.com — Cisco Umbrella Rank: 1020 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	28 KB
23	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 329 acdn.adnxs.com — Cisco Umbrella Rank: 876 secure.adnxs.com — Cisco Umbrella Rank: 725	97 KB
18	arcpublishing.com gray-kold-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 563650	772 KB
17	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 713 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702 image6.pubmatic.com — Cisco Umbrella Rank: 891 t.pubmatic.com — Cisco Umbrella Rank: 5050	152 KB
14	piano.io api-esp.piano.io — Cisco Umbrella Rank: 16042	114 KB
11	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1042 trc.taboola.com — Cisco Umbrella Rank: 918 images.taboola.com — Cisco Umbrella Rank: 1875 pips.taboola.com — Cisco Umbrella Rank: 397303 cds.taboola.com — Cisco Umbrella Rank: 2547	208 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142	2 KB
9	metv.com www.metv.com — Cisco Umbrella Rank: 113391 staticcdn.metv.com — Cisco Umbrella Rank: 197940 cdnmetv.metv.com — Cisco Umbrella Rank: 160887	174 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	288 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 415	5 KB
8	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 942 cdn.indexww.com — Cisco Umbrella Rank: 2169	8 KB
8	kold.com www.kold.com — Cisco Umbrella Rank: 351306	619 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	307 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	59 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 486	1 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2793 eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2799 fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net	1 KB
4	gstatic.com fonts.gstatic.com	53 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	36 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	217 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1924	1 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 420	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3469 adservice.google.de — Cisco Umbrella Rank: 5202	1 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 223	3 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1628 mab.chartbeat.com — Cisco Umbrella Rank: 3129	25 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	102 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 652	956 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 5953	789 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1307	1 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 6166	563 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772	2 KB
2	operationchicken.com operationchicken.com — Cisco Umbrella Rank: 35796	723 B
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	78 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1818 c.go-mpulse.net — Cisco Umbrella Rank: 733	51 KB
2	reconditerespect.com reconditerespect.com — Cisco Umbrella Rank: 44152	33 KB
2	queryly.com www.queryly.com — Cisco Umbrella Rank: 16338	9 KB
2	burst.com www.burst.com — Cisco Umbrella Rank: 58188	13 KB
1	akstat.io 684dd331.akstat.io — Cisco Umbrella Rank: 61582	200 B
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 4174	212 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2151	336 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 951	191 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 3356	366 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 845	317 B
1	extend.tv 1 redirects sync.extend.tv — Cisco Umbrella Rank: 2906	546 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1399	44 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 297
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 4166	234 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 6405	420 B
1	adroll.com 1 redirects d.adroll.com — Cisco Umbrella Rank: 2535	112 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 846	430 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1356	201 B
1	amazonaws.com s3.amazonaws.com	561 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 791	464 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 7108	782 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	29 KB
1	raycommedia.com webpubcontent.raycommedia.com — Cisco Umbrella Rank: 225829	760 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 2107	417 B
1	tucsonnewsnow.com 1 redirects www.tucsonnewsnow.com	328 B
0	rlcdn.com Failed api.rlcdn.com Failed
0	netmng.com Failed google2waycm.netmng.com Failed
328	63

	Domain	Requested by
32	tpc.googlesyndication.com	www.kold.com d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
20	securepubads.g.doubleclick.net	www.kold.com securepubads.g.doubleclick.net d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com www.googletagservices.com
19	dsum-sec.casalemedia.com	5 redirects r.casalemedia.com um2.eqads.com googleads.g.doubleclick.net
18	cm.g.doubleclick.net	7 redirects r.casalemedia.com googleads.g.doubleclick.net d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com www.kold.com
18	ib.adnxs.com	1 redirects ads.pubmatic.com acdn.adnxs.com r.casalemedia.com googleads.g.doubleclick.net
18	gray-kold-prod.cdn.arcpublishing.com	www.kold.com gray-kold-prod.cdn.arcpublishing.com
17	pagead2.googlesyndication.com	www.kold.com tpc.googlesyndication.com d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
14	api-esp.piano.io	www.kold.com code.jquery.com api-esp.piano.io
8	s0.2mdn.net	tpc.googlesyndication.com www.kold.com d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com s0.2mdn.net
8	s.amazon-adsystem.com	4 redirects r.casalemedia.com
8	www.google.com	2 redirects www.kold.com securepubads.g.doubleclick.net d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com tpc.googlesyndication.com
8	www.kold.com	www.kold.com
7	t.pubmatic.com	ads.pubmatic.com
7	www.googletagservices.com	d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.kold.com
7	htlb.casalemedia.com	ads.pubmatic.com
6	googleads.g.doubleclick.net	www.googleadservices.com d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com www.kold.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.metv.com api-esp.piano.io www.kold.com
5	match.adsrvr.org	r.casalemedia.com ads.pubmatic.com
5	ssum-sec.casalemedia.com	5 redirects
5	d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	cdn.taboola.com	www.kold.com cdn.taboola.com
5	ads.pubmatic.com	www.kold.com ads.pubmatic.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.indexww.com	r.casalemedia.com
4	r.casalemedia.com	js-sec.indexww.com
4	acdn.adnxs.com	ads.pubmatic.com
4	js-sec.indexww.com	ads.pubmatic.com
4	hbopenbid.pubmatic.com	ads.pubmatic.com
4	cdnmetv.metv.com	www.metv.com
4	www.googletagmanager.com	www.kold.com www.googletagmanager.com
3	fonts.googleapis.com	client tpc.googlesyndication.com
3	px.owneriq.net	2 redirects r.casalemedia.com
3	x.bidswitch.net	2 redirects r.casalemedia.com
3	trc.taboola.com	cdn.taboola.com
3	sb.scorecardresearch.com	cdn.taboola.com www.kold.com
3	www.metv.com	www.kold.com
3	cdnjs.cloudflare.com	www.kold.com cdnjs.cloudflare.com
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	googleads4.g.doubleclick.net	www.kold.com
2	pm.w55c.net	2 redirects
2	um2.eqads.com	1 redirects r.casalemedia.com
2	pr-bh.ybp.yahoo.com	1 redirects r.casalemedia.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	operationchicken.com	reconditerespect.com
2	use.fontawesome.com	www.metv.com use.fontawesome.com
2	staticcdn.metv.com	www.metv.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	mug.criteo.com	www.kold.com
2	gum.criteo.com	1 redirects
2	reconditerespect.com	www.kold.com
2	www.queryly.com	www.kold.com
2	static.chartbeat.com	www.kold.com
2	www.burst.com	www.kold.com www.burst.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	684dd331.akstat.io	s.go-mpulse.net
1	id.sharedid.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	pixel-sync.sitescout.com	d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
1	dmp.brand-display.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.extend.tv	1 redirects
1	match.deepintent.com	r.casalemedia.com
1	dpm.demdex.net	r.casalemedia.com
1	nep.advangelists.com	1 redirects
1	s.company-target.com	1 redirects
1	d.adroll.com	1 redirects
1	match.prod.bidr.io	r.casalemedia.com
1	secure.adnxs.com	r.casalemedia.com
1	images.taboola.com	www.kold.com
1	image6.pubmatic.com	ads.pubmatic.com
1	www.google.de	www.kold.com
1	ajax.googleapis.com	www.metv.com
1	ping.chartbeat.net	www.kold.com
1	s3.amazonaws.com	www.kold.com
1	static.adsafeprotected.com	reconditerespect.com
1	region1.google-analytics.com	www.googletagmanager.com
1	tag.simpli.fi	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	code.jquery.com	api-esp.piano.io
1	mab.chartbeat.com	static.chartbeat.com
1	s.go-mpulse.net	www.kold.com
1	webpubcontent.raycommedia.com	www.kold.com
1	polyfill.io	www.kold.com
1	www.tucsonnewsnow.com	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
0	google2waycm.netmng.com Failed	d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
328	94

This site contains links to these domains. Also see Links.

Domain
grow.withgray.tv
www.graytvlocal.com
www.theazweekend.com
www.tep.com
www.fox.com
www.mynetworktv.com
www.cbs.com
recruiting.ultipro.com
www.circleallaccess.com
www.investigatetv.com
www.graydc.com
www.vuit.com
www.facebook.com
www.twitter.com
www.landal.de
popup.taboola.com
publicfiles.fcc.gov
webpubcontent.gray.tv
www.queryly.com

Subject Issuer	Validity	Valid
gray3.web.arc-cdn.net R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
burst.com Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
star2.arcpublishing.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
metv.com Amazon	`2022-06-18` - `2023-07-17`	a year	crt.sh
reconditerespect.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
staticcdn.metv.com R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
cdnmetv.metv.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
operationchicken.com R3	`2022-09-07` - `2022-12-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
um3.eqads.com Amazon	`2022-06-11` - `2023-07-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.kold.com/
Frame ID: 4F2DD893A7B192648C10385FE4E7D7B0
Requests: 142 HTTP requests in this frame

Frame: https://www.metv.com/affiliatedwidget?market=71
Frame ID: B3D80844C2D073D0B442F316D81C2977
Requests: 1 HTTP requests in this frame

Frame: https://www.metv.com/affiliatedwidget?market=71
Frame ID: A1A79E24C726F65CFD2023D7D869F165
Requests: 11 HTTP requests in this frame

Frame: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A74E431450AE645F19D3E4F370CAF647
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 58CB6835C177F3B90427DCA6AA2CA47E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4A117C41ED39B5809BD04E18611F7E51
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 76080FB00E3087D15376DEDB37803C48
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 591A812F02C07803FF5F6F6C574F3D6D
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B7BF533C05B54ADDCD1F7ACE65319E4E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ADC00954459C71F1AEE869FB0844F6AE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3786F802769BF1FA32F93C63BB06B73A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 57A4530DFDCB725195FDD587627AB470
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 9009FEEF908F198E68EBB3427CA251B7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 48F6FE74861260612764B64751B39863
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 1C35BC34D0DF55F474E7F111F67EB263
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 94178F7623218C4CEA77A1563CCD2F1B
Requests: 1 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
Frame ID: 0ACA961F4BD810C4E1C34F181CEAC09F
Requests: 4 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 69F14E40C79B28197B880FB934AE55F5
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 45A16D81A46A135C52FA36E49D631A36
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 99DE7C77A1B91E3694CBFBCC85D1A6F9
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9FAFEA1D7483C67E81D55545ED41CFC3
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: D67FE7DE33FA0386A6F7A9E5298A3821
Requests: 2 HTTP requests in this frame

Frame: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 71BA54A4EA74DCB9A4D1193844FA5180
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html
Frame ID: 8DF35040173B5E8D6D69765FB4CF0CAD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FE57FC8547824A8F16BB1A918676BE7D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuID06fIcgpX2muxX29TUjy3xE59SwuZoCe_s67-kD27ovZcRnv5fzKyiagrOXyiHhLi-9lXC8_s0ftg8hPeG9yPbsvNV88E72f6uug2ntg34c9dtLDvZ2T_hm9697lZ8__EeaxDBmoDc2lFa-u8PLcdGoa6Bf2721zOwEginSa3ClEDekdKxNC-4mScGJIvacEMvJpP3p4uoADUT6-t3OFWdlzbiCJ8BksymWQmQMbP1iSwrAhCJMrFz3ZIFsCFrotycEOQ9-rS2xoZV4pBZ1pVbKIQYyZO5sMl9XMpu7-7kHdSlobrz7V593wpnoTHm6m-A&sai=AMfl-YTmyMYsHwg7RN-xYxmMbbrCi6ucAaSNF6rI2U7SeJbH6AVDKcvPGSh2daZxsqBr_Q0o5q0pP12e4F3o_ZaHkVSkJAOwHp-WCdTGiZfNipjVU-8SO_e-oioThXEWOA&sig=Cg0ArKJSzLbuTvMFt0jYEAE&uach_m=[UACH]&adurl=
Frame ID: 4961820A61A6048AA1DE94458322F3AB
Requests: 8 HTTP requests in this frame

Frame: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B4EB6AAEF5C888E3C088823A4D07490
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCZAf8hbFTXIRcIgcKhZua4S51aI0zK2X0RrKvQa663RSJU_NejFmMIcjOKizb7pGOPePGRyKibJI9CvOh3B7OPxMiypablpm3j0XSmxPZXQPpJykZPvHryUO73WV47UQwG5VJvlXZesVSZ6JmIDBRfrKeQtHqoYb9zwGYpowuIi9SGatvjZ4QVA-Y0iD3i0y3YI7tJPK01Q_lVo0VLvqRmEER9o7L_iyfJfbU_Kfh9Tmqc04SruEixbRds8c6s0ZJdZraM5nj4j6PexMRVXhhg5PS-lpQmYKvJ5Yl96DiV4jKSnkmxo8kOZo_xukbfKBqBg&sai=AMfl-YSHSSFpyRbwWEw7vcDpAEUHzUV597gUAl77CzbvSSqJtde-DjVMFUCGJSWD17Lm7vYqKXd4wcs9wPHFFKDrGz2_S7xB-JUw8xsPsSAo5PZ9bYlME8aGKiQayqvU4A&sig=Cg0ArKJSzLdvFjBvTIaUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 55436499B99EB246DFC0A62479473880
Requests: 4 HTTP requests in this frame

Frame: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 74DF9EEFF90B32537A0C3816C3709E82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGvfRD5ipfOAxivnLvSATAB&v=APEucNXslmsJZKn-hDw2KP1ki16Yh0VFln-997DofOAdA7tisoN-oiqNeXuVajqYY5Wfx-H6slQ2uSC1EFk5Hp_Hre4kc8rqMcQwQAisR9MZMq0NZ-oot5KK81Sre0PUO_OPrTnROOxtjn7Fof5IDKKZo_77ojYyf4A8Nr1YsZTI8p9W4U7fp7A
Frame ID: 92DDB55A1962FD3EE39E266E5EE777E4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js
Frame ID: C24F2E68209F5FB50DD6D4750EDEFE33
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 70F1CE22BD18D6B8F517D2A730C1E893
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 997A9F4FCA555F1E40FE09A5C6F74297
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=dx0fTz4gxv&t=1&renderingType=2
Frame ID: E8F30EA86A420F0430A5E53BCAB2281A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpk8MDNVXyzb5z_O3VzydqTuR1zujARJOqMncK7mrgMZlcOt__jdWRn9I_NWA_PjgaSWoXFg_M3rtYclW2RljQKU9ujW6biwtk_kt_B5tkUgzmydCeomLy-gpE6TEuUVz96Ir2h4H3fJOCJPTfklHp9-IwENBf3wHpwXtOBLWYmoeXQw1Cao62ev0ITjXMBx-Zosdtx0Rm2xWk8HbQ9b3t0TRzD64YjKqgbwGtxKuLLdw_Gu9EYjDnq6xk3X6KXm0K_RUXXlAQC-NOVdR2XdtJd1UmwzgMO4GzXp9IyJlGgCdMjAGS4qR2nFz_2D38c1tnmvuxJoHz1NVyGYsf_iAUzTbI63GNMIdIE8QsmZpJ97Np_9568VEasIA&sai=AMfl-YQoZseIjqGmJu8gZonYoNZK5aTMr3P3XTytQBYYeKZfr-mbFUcLfoOa2a4bxpal86UybiYlhTVK6pGMpZL3HdALpkerOZAFxx_Q4--5PnmCdEfcLWPz_R0Gxz3dWiA&sig=Cg0ArKJSzOb_kWjWdPoaEAE&uach_m=[UACH]&adurl=
Frame ID: 9B931472D0976A103D0DF65C3999B7B5
Requests: 8 HTTP requests in this frame

Frame: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A803F3AA95C6D3C0011509D333EE972
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html
Frame ID: 554D32F2FE270EF369B74F5957030411
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCA373B86D7E9BD0D56B6652303CF82E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31AD86D133F5EE5DF38485B81E4CDA1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 198B13F6E66F0C7CD6B5A460911B0EAD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://www.tucsonnewsnow.com/ HTTP 301
https://www.kold.com/ Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

328
Requests

91 %
HTTPS

46 %
IPv6

63
Domains

94
Subdomains

75
IPs

10
Countries

5432 kB
Transfer

12666 kB
Size

52
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://grow.withgray.tv/kold/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.graytvlocal.com/market/tucson-az
Title: Business Directory

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/contests/
Title: AZ Weekend Contests

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/?_ga=2.155669310.48765111.1615402160-1550363320.1615402160
Title: AZ Weekend

Search URL Search Domain Scan URL

URL: https://www.tep.com/solar-dashboard/
Title: TEP Solar Dashboard

Search URL Search Domain Scan URL

URL: https://www.theazweekend.com/?_ga=2.264183183.281644180.1615824734-1603375000.1615824734
Title: AZ Weekend

Search URL Search Domain Scan URL

URL: https://www.fox.com/
Title: Fox 11

Search URL Search Domain Scan URL

URL: https://www.mynetworktv.com/
Title: My18

Search URL Search Domain Scan URL

URL: https://www.cbs.com/
Title: CBS

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/GRA1017GRYT/JobBoard/ae441110-89bd-444d-8ad2-b76c7b9db7a9/?q=&o=postedDateDesc&w=&wc=&we=&wpst=&f4=vzauRM0vSl6VVVh-Ke14nw
Title: KOLD Jobs

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.vuit.com/publishers/297/kold/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KOLDNews

Search URL Search Domain Scan URL

URL: https://www.twitter.com/KOLDNews

Search URL Search Domain Scan URL

URL: https://www.landal.de/parks/resort-maria-alm?utm_source=austria.info-_-%7Bcustom%7D&utm_medium=partner&utm_campaign=lgp_de_structureel&utm_content=partner_A&tblci=GiDOX-UaQJNQ9LkcZcgYhDecwaHcTe4o23VHpnhFqb8vvCDmu1ooqJPRs6SrqPyqAQ#tblciGiDOX-UaQJNQ9LkcZcgYhDecwaHcTe4o23VHpnhFqb8vvCDmu1ooqJPRs6SrqPyqAQ
Title: Landal Green Parks

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-koldnews13&utm_medium=referral&utm_content=thumbnails-native:Homepage%20Native%20Backfill:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/KOLD-TV
Title: KOLD Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/0b7fd011-1bff-71f7-4891-3dce78b156ef/36afff89-4d8b-4a1d-aa26-c96af6a0c118.pdf
Title: KOLD EEO Report

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/kmsb
Title: KMSB Public Inspection File

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/kttu
Title: KTTU Public Inspection File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/c1c182b8-10c3-c5e4-8c4f-b15b4997c6d1/7f91ea11-49a0-48fa-a44a-837ea604da03.pdf
Title: KMSB / KTTU EEO Report

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kold-fcc_applications.pdf
Title: KOLD FCC Applications

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kmsb-fcc_applications.pdf
Title: KMSB FCC Applications

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tucsonnewsnow.com/ HTTP 301
https://www.kold.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=FpxD4XxmWHhTOFZBWG91WlEzTVpKM2VlYlAzc3E2K2hLWWQ0bWFBTmYzTFBJV1Y2TnFWQmVrWDF5Y1lORExObTN4cktrbFBHV1pZVlVCSHo5am5kZzduNVYyRWp5aUg3bkg1VTlIOHZQdVluU0JEbksxZm9ZM1pkNVRjMFFFUHZJNzhOR0dIS0pUQzBuOXQ0aXQ1Z3VNZHV6MEIvV1VMWXBabFZ6RFU3RDJWVEtmbDhJQ0xENjB2Mk1oWlBaWGoydTI5a2p3WWhtRzBnb1pFVWZuMis1WUlDOVk4MWxma1J5ODA0U1llMEFacElMUHNNPXw&cppv=2

Request Chain 147

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 149

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 150

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 151

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENkjSneyGYk2bKPx8LJc9B4&google_cver=1&gdpr=1

Request Chain 156

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

Request Chain 164

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB&dcc=t

Request Chain 165

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwDwBIMYxiI_hPxGJF9S_4&google_cver=1&gdpr=1

Request Chain 166

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 167

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678614564&external_user_id=63c299a8-6e7d-4c5b-a9be-94c666002e91

Request Chain 168

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3874cafd-8e45-4397-aaa3-9e739395383e

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKS6s9Z35kiPtJayLekqEvQ&google_cver=1&gdpr=1

Request Chain 173

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

Request Chain 177

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ee4e11b-2d7d-4d21-9d41-dd15c9116123

Request Chain 179

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 181

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

Request Chain 182

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMs6qlmM6YDTpNXlsj_C0p0&google_cver=1&gdpr=1

Request Chain 184

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 185

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KuYHonT91OxG4c5&gdpr=1

Request Chain 186

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4f670fed-8269-21aa-2947beea

Request Chain 187

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162625641584285434&uid=Q7162625641584285434&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 205

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1

Request Chain 247

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECSsEws91IkDJH5otPOXUlY&google_cver=1

Request Chain 249

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxNDc5MzczNjIwMzA1OTU1Ng%3D%3D

Request Chain 254

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECHXjoBFfFj29qZIFXVuxM4&google_cver=1&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECHXjoBFfFj29qZIFXVuxM4&google_cver=1&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F&google_hm=-udWi0P8R9a390WEUAHnSA==

Request Chain 255

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPiXlP2C-Kqpiut3KuExFok&google_cver=1&google_push=AehlK4CzpZzvWoQGhl0-y6txJ7i3-HHOEczyhpUSr7gqUvam7uZklXXmAnBI4k0WF5cj1cKG0W52gm3_rWqYunWOueAl2HHToIGC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzpZzvWoQGhl0-y6txJ7i3-HHOEczyhpUSr7gqUvam7uZklXXmAnBI4k0WF5cj1cKG0W52gm3_rWqYunWOueAl2HHToIGC&google_hm=NDMwMDY2ODA4Mjc3NTY4NDk%3D

Request Chain 256

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM5ygGGCCL27gEvf-tu8hwo&google_cver=1&google_push=AehlK4DVOFxfU7z_t09vtFFSJLBwFZvb_KpKNWVix7z7NZ9OTcuJ8cFGGZ7I3-4LOzgVds30xLhFn6P6F8LaNaoyGi9Gw6Z-VUNI HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM5ygGGCCL27gEvf-tu8hwo&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&google_nid=index&google_push=AehlK4DVOFxfU7z_t09vtFFSJLBwFZvb_KpKNWVix7z7NZ9OTcuJ8cFGGZ7I3-4LOzgVds30xLhFn6P6F8LaNaoyGi9Gw6Z-VUNI

Request Chain 257

https://match.360yield.com/match/ebda?google_gid=CAESEOoK3Lq6FvtMmGQHyPQj1e8&google_cver=1&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3HsGhnMTAedpx HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOoK3Lq6FvtMmGQHyPQj1e8&google_cver=1&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3HsGhnMTAedpx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=74HrPtQ6TdWIUn64y80LMw&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3HsGhnMTAedpx

Request Chain 258

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDFVLxfoF3WzIVB-V6vD9Uw&google_cver=1&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6hp HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6hp&google_gid=CAESEDFVLxfoF3WzIVB-V6vD9Uw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0ODA4MDQyMjQ5MTg2NjYwNDk0NA%3D%3D&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6hp

Request Chain 302

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 318

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p3xubp9z9 HTTP 302
https://eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 319

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p3xubp9z9 HTTP 302
https://fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net/eum/results.txt

328 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kold.com/
Redirect Chain

http://www.tucsonnewsnow.com/
https://www.kold.com/

611 KB
85 KB

982ms
861ms

Document
text/html

2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

2aebcf08c1c9fb7a9c1ac23c9813e0f70b6a083a7b1a0f2c42bf186168740d88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 09:49:23 GMT
etag: W/"97929-9wtuVPyUhsWLYGSQlG5xqG7VL1Y"
expires: Mon, 12 Sep 2022 09:50:23 GMT
last-modified: Mon, 12 Sep 2022 09:49:22 GMT
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=123 origin; dur=715
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 84049 0 pmb=mRUM,2

Redirect headers

Akamai-True-TTL: -1
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Sep 2022 09:49:22 GMT
Expires: Mon, 12 Sep 2022 09:49:22 GMT
Location: https://www.kold.com/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 react.js Show response
www.kold.com/pf/dist/engine/ 709 KB
160 KB 24ms
21ms Script
application/javascript 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/dist/engine/react.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

0123b68651830a2433646d068171fef24441fdf9e3cbb5947d038711970098bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: VG1WBGQQQ5TX4PA4
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 162766
x-amz-id-2: TMB5KzapUlss4AcZDLGhGvzYBXS4XY9HdSxFElYPjfu/UKKc+N82+2ctRq6EbsDqUwVv0tAaOF8=
last-modified: Thu, 08 Sep 2022 15:41:53 GMT
server: openresty
etag: W/"2fe8d02bb046a5a920c55439f0020f4a"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 default.js Show response
www.kold.com/pf/dist/components/combinations/ 1 MB
274 KB 43ms
40ms Script
application/javascript 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/dist/components/combinations/default.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

0bc2c7b7a806dc41008767b294d7f15ed50a9f479a5d62ab4f6a897133ba7c62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: VG1VJKY19ZD2A8ZT
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 279002
x-amz-id-2: VhWgSV+didmJ3yWcWqSRwGKdaGj7zu52FD/HXNs5+ILdV/Y9vrZn1p2nPpmw3HWQAz9JpTV96Tg=
last-modified: Thu, 08 Sep 2022 15:41:53 GMT
server: openresty
etag: W/"27f083950eebaa463a30a5da4a2e6661"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 main.css
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 83 KB
14 KB 155ms
26ms Stylesheet
text/css 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: 37XC3QFEM4S9N98W
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 14217
x-amz-id-2: 1SSjdzc7lvUnXy85zpwTbcMerVurWpwRAnFYnXM53oBVyT/QbZ2hwKRp7hVUkU1g2NkThTd/bO0=
last-modified: Thu, 08 Sep 2022 15:41:51 GMT
server: openresty
etag: W/"6dd05f673b04d6bedc7a004ad60ae072"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 main.css
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/ 100 KB
16 KB 162ms
33ms Stylesheet
text/css 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3c0eebb084c60d188b19d7e2935a28c04176877b741abddbde9b5b2c061a4f1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: 37XD9KJJVDTYZ43W
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 16195
x-amz-id-2: 8TMf/9iLw4JilOxxk90mDTmFG8BBtGsl9ELPUKHae1+oii2DM1Bu7yhsY3tIOOfiAyTFOfn0oeY=
last-modified: Thu, 08 Sep 2022 15:41:51 GMT
server: openresty
etag: W/"da7bffb12701a91eb68a15d4a386a4b5"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 55ms
20ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 372578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikJ0c1141Nd2rtvwNnEoyUyEHQok6eIG%2FWHkcVUpoeYy1zxDbNsPA5BQ%2Fh3CWFqYvIQHRIH73J%2FsXhQeTuDnSLY4pwjZN9Jwzp0%2BoP%2Fq4G1nG9VtlonR4gVTTlDvL4PsTFmYLP65foyLxsHK0kuC4ayM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7497bb9b3a918ff2-FRA
expires: Sat, 02 Sep 2023 09:49:23 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 71ms
26ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer: https://www.kold.com/
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
last-modified: Wed, 07 Sep 2022 11:53:12 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/105.0.0
server-timing: cache-fra19135, PASS, fastly;desc="Edge time";dur=18
accept-ranges: bytes
content-length: 94

GET
H2 200 gtm.js Show response
gray-kold-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
800 B 173ms
44ms Script
application/javascript 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: 37X3RY92XSPV90TY
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 305
x-amz-id-2: KELVbPzv8gBDErqGNm6zhNNcjhOisjbuKyfBKjvel/PEKr/guHs8OcbYz92NSAQ3Va0mqx+mLdI=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 framework.js Show response
www.burst.com/webapps/embed/ 36 KB
10 KB 60ms
9ms Script
application/javascript 52.222.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.burst.com/webapps/embed/framework.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59a04622f5e99182b3c574ab7dcd71ec7584783ed2cbf05d437e72080a261105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: qC52pvFBiP2wRcTqgSz51JTNd0IA1cWB
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 13:35:38 GMT
server: AmazonS3
age: 4390
etag: W/"71f64b7fce14de5520a87e4b12e0b01e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cache-control: max-age=10800
date: Mon, 12 Sep 2022 08:36:14 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: _NxqjLY_joVYfnXdvmETwDAIJk7pc3AF8gxW9UZ0oC0UCLx7szy_cg==

GET
H2 200 comscore.js Show response
www.kold.com/pf/resources/js/analytics/ 168 KB
49 KB 37ms
36ms Script
application/javascript 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/resources/js/analytics/comscore.js?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: VG1WCB0VTSBJDY1R
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49862
x-amz-id-2: 0Y8KfzqMbRCtcVqAwhbaxLVSKy4fPolI7WsPt8ew1NvmkWBQsITOANw8TNXuxdp+fQae+J9Wnig=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"702fb2c84c6e8b364a6130cb860c7987"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 47ms
8ms Script
application/x-javascript 2600:9000:223c:e400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:29:59 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 4764
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: rbhKR-jVIxl_lDQjDWUGq57hDjGXU9ocDpc-cM_xooJHD_UOwuoNSw==
expires: Mon, 12 Sep 2022 10:29:59 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 48ms
9ms Script
application/x-javascript 2600:9000:223c:e400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:04:57 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 2666
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: HSDS5_ba5ar0F_HZT5V3Fk26E3Zn82YdkYleo8qeOEDaYnD0Qitrvw==
expires: Mon, 12 Sep 2022 11:04:57 GMT

GET
H2 200 queryly.v4.min.js Show response
www.queryly.com/js/ 26 KB
7 KB 43ms
17ms Script
application/x-javascript 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.min.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63723
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
last-modified: Thu, 11 Aug 2022 16:00:33 GMT
server: cloudflare
etag: W/"80a6a27c9badd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8iRbPMdLPNLDNilJEfbDtGeg%2Bt4E63JBJ9jwMeUTdMmqCV4CEXHhuILXsUbn86OPRT%2FPyh3CjdTQgniNB2ckwuSSLZIdkYP83%2F8ngIpqOHjtNnlRb37q9TKJN5aVUtQtZ4b69uy45cIekeyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7497bb9c59ecbb47-FRA
access-control-allow-headers: *

GET
H2 200 42VQNXC6TRGDBPZNJIKTXHMYMU.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/AxEQwBBCFKht5fjlAeI-vAGTtWc=/800x600/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 47 KB
47 KB 428ms
424ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/AxEQwBBCFKht5fjlAeI-vAGTtWc=/800x600/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/42VQNXC6TRGDBPZNJIKTXHMYMU.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2e99c500c3f6b50f034bf778fc2f26fdbbf7857ec61e0e72ba5b02db859946aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
x-check-cacheable: YES
x-serial: 1124
etag: "929f75e20139032fc7c4a24264422d82771c614e"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31518574
last-modified: Mon, 12 Sep 2022 05:00:23 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=274, origin; dur=110
content-length: 48005
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 04:58:57 GMT

GET
H2 200 XG2CD752B5BXDEN2UEHVTU7MFY.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/4i-k0w-t_5BvDGmxDPeB7a8bMcg=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 24 KB
24 KB 366ms
362ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/4i-k0w-t_5BvDGmxDPeB7a8bMcg=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/XG2CD752B5BXDEN2UEHVTU7MFY.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cde90dddfcc5ac63a77f89801cc5acf872367a7afcc13653b2e2512943929212

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
last-modified: Mon, 12 Sep 2022 04:00:19 GMT
server: Akamai Image Manager
etag: "95a900c0e83201e0f88450ba69bc8a1c9a904ead"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31515014
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=326
content-length: 24452
expires: Tue, 12 Sep 2023 03:59:37 GMT

GET
H2 200 YEZVTDCZT5FQNJO6WJURQITTX4.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/GNJ6NfvpseqXWyETaASZ3TBparU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 42 KB
42 KB 86ms
83ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/GNJ6NfvpseqXWyETaASZ3TBparU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/YEZVTDCZT5FQNJO6WJURQITTX4.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5680a747dd348b317409133b28002a66541c5c2df480a13129921ecf91ce8eaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
last-modified: Mon, 12 Sep 2022 02:16:40 GMT
server: Akamai Image Manager
etag: "bebd5ec55291af9c2bf0542c6c094d5afd7225a3"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31508899
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=56
content-length: 43018
expires: Tue, 12 Sep 2023 02:17:42 GMT

GET
H2 200 THUNS2TF5VAW5CMNWQD4MORWOI.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/nqZIi_68QMz_O3oRUQd20_VwL5U=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 56 KB
57 KB 537ms
533ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/nqZIi_68QMz_O3oRUQd20_VwL5U=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/THUNS2TF5VAW5CMNWQD4MORWOI.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

2c280f4460dd82e94094fbaf0069ed0217d5d2778d57d3eefaf0d0e6e83f4905

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 1800
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "6cad84252809247f244c6da042aabdceafcad662"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, max-age=1800
date: Mon, 12 Sep 2022 09:49:23 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=862
x-akamai-note: original-image
content-length: 57788
expires: Mon, 12 Sep 2022 10:19:23 GMT

GET
H2 200 7Day.jpg
webpubcontent.raycommedia.com/kold/Intellicast/ 758 KB
760 KB 389ms
248ms Image
image/jpeg 23.36.162.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpubcontent.raycommedia.com/kold/Intellicast/7Day.jpg?time=1615579260000
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-26.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d5ab9bd0f40c0f4c1fdb48634d6febd51766c895f0b251383d18d2d66a9b6e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
last-modified: Sun, 11 Sep 2022 23:00:08 GMT
server: AmazonS3
x-amz-meta-user-agent-id: kold@s-69172a5d8df84f908
x-amz-cf-pop: FRA53-C1
etag: "846cf309de5ef5f7acd2783a4230ffff"
x-amz-meta-user-agent: AWSTransfer
content-type: image/jpeg
cache-control: max-age=240
server-timing: edge; dur=1, origin; dur=230, cdn-cache; desc=REVALIDATE
content-length: 775750
x-amz-cf-id: ZjwjFu_cBsEJIDFuCEQuYtBa34r2xczLFIfXabilmi6mK3D1i6Z95A==
expires: Mon, 12 Sep 2022 09:53:23 GMT

GET
H2 200 t_4879d2383c17451aacec934a22840008_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/P73jw2TUwsBMPg51zTboFKVQ20w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/ 77 KB
77 KB 606ms
603ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/P73jw2TUwsBMPg51zTboFKVQ20w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/t_4879d2383c17451aacec934a22840008_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8b708a36f9e96f299cdce90a1db49298d24d13869e3fd22a3069ad75493b40ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
x-check-cacheable: YES
x-serial: 1448
etag: "4a33211f4b0144a0291def8c8385c21a4629fd50"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31520359
last-modified: Mon, 12 Sep 2022 05:29:11 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=245, origin; dur=310
content-length: 78455
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 05:28:42 GMT

GET
H2 200 t_75a1a932bebd452199d8e8b2d7509fc1_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/TFtTbaFXch-oh52y_gL5b5oM4E4=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/ 96 KB
97 KB 479ms
476ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/TFtTbaFXch-oh52y_gL5b5oM4E4=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-12-2022/t_75a1a932bebd452199d8e8b2d7509fc1_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

68fb0bd2ca7e319ed2dbb4150b02fd2b83e17a79fe7df918a6c4f854ac7849c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
last-modified: Mon, 12 Sep 2022 05:24:32 GMT
server: Akamai Image Manager
etag: "0dba58772bae461e57204b8652b8e411681ca627"
strict-transport-security: max-age=86400
content-type: image/jpeg
x-edgeconnect-cache-status: 1
cache-control: private, no-transform, max-age=31520179
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=422
content-length: 98693
expires: Tue, 12 Sep 2023 05:25:42 GMT

GET
H2 200 t_c72a8a986721450d89a4b1fadc4169e2_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/dFSrlhQG90kETsQZuFgTPHvuM_w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-10-2022/ 72 KB
73 KB 586ms
583ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/dFSrlhQG90kETsQZuFgTPHvuM_w=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-10-2022/t_c72a8a986721450d89a4b1fadc4169e2_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cae5d11c6e8d98a6c941ae3d65fa87efba11f9f61d517f01766729a549177bcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
last-modified: Sat, 10 Sep 2022 01:28:37 GMT
server: Akamai Image Manager
etag: "a2fddffe415aa5cc83a1d14b9c4debc2b12b3254"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31333146
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=524
content-length: 74034
expires: Sun, 10 Sep 2023 01:28:29 GMT

GET
H2 200 t_f913c326f10543e7adc8a2adbe42428e_name_file_1280x720_2000_v3_1_.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/b4KdbIGThoBKI1oWiBcVYEf9Vgg=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-09-2022/ 50 KB
50 KB 902ms
900ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/b4KdbIGThoBKI1oWiBcVYEf9Vgg=/800x533/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/09-09-2022/t_f913c326f10543e7adc8a2adbe42428e_name_file_1280x720_2000_v3_1_.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d08dd909585b451a026b3d16789e8a1927f218ab366c90e9e88f023a4c3034ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:24 GMT
last-modified: Fri, 09 Sep 2022 14:07:54 GMT
server: Akamai Image Manager
etag: "28fc93541e1dbb2d64ea387dd200f8f30fd02852"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31292239
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=834
content-length: 50734
expires: Sat, 09 Sep 2023 14:06:43 GMT

GET
H2 200 iframeheight.js Show response
www.metv.com/js/ 1 KB
732 B 358ms
101ms Script
application/javascript 52.73.204.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metv.com/js/iframeheight.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.204.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-204-82.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash: e6533978ddf6d9eadec6481e1f56d8b62d731f809de8ad47ad02b98120811055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 19:46:41 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag: "478-5e80774876a40-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, proxy-revalidate
accept-ranges: bytes
content-length: 467

GET
H2 200 v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy Show response
reconditerespect.com/ 92 KB
27 KB 195ms
129ms Script
text/javascript 2600:1901:0:3b3e::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:3b3e::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

5933e29782692f88bb14f1380e0184d41c703c6e981109d5f587d6ee30c13d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "f4d7a12a2349e3f64a2d4498ecdd622ea83a42ee1ae25e7e0b19900c4d16b17b"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 12 Sep 2022 09:49:23 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2kodJCg0COzr7zPOUkFrKjRkFjZCKvy5nr2EFu7AW1l0PBiDoexvAdzwnV3Xa8MXvvOnCHilrg Show response
reconditerespect.com/ 15 KB
6 KB 184ms
117ms Script
text/javascript 2600:1901:0:3b3e::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2kodJCg0COzr7zPOUkFrKjRkFjZCKvy5nr2EFu7AW1l0PBiDoexvAdzwnV3Xa8MXvvOnCHilrg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:3b3e::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d47ea497ed40ad6af2e33fa01b0ffcaf3a9eb67170b821194ae8380ba61152c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "344639d123c9b3004bd103fc8c43c90579f881a13b00f500c82f7e218eef0586"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Mon, 12 Sep 2022 09:49:23 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 424 KB
128 KB 81ms
18ms Script
application/javascript 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b54e80a2760bde6237fd579eab294deec23c2b29f14c4d224a59d8bd76596d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 19:59:16 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=123247
accept-ranges: bytes
content-type: application/javascript
content-length: 130020
expires: Tue, 13 Sep 2022 20:03:30 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 57ms
24ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6910
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 19:06:55 GMT
server: cloudflare
etag: W/"1bbec-182eaffe498"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7497bb9c6c08994b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
43 KB 68ms
31ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0815ddc8168eea11db8d544cdf4f62ec907528101f34925da96b6604a98ce67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43736
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 09:49:23 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 579 KB
47 KB 35ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dfe130ac55b5ba30fb68b19eff9c3d12e2ee471baaf931cbfdff060ae81a086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: gIIBzAGrBWl4MHOkgyiyIBApd0wG34UM
content-encoding: gzip
etag: "afd3a047bc1249c7a149c225b232bc2b"
age: 145
x-cache: HIT
content-length: 47458
x-amz-id-2: m9EA2/9837BeZx9fYR7npev8kJOMvTPBXNBLfCnq1DRsxmbRYQBQvs89E0oalS7X/bIA4x2xMAM=
x-served-by: cache-fra19144-FRA
last-modified: Sun, 11 Sep 2022 10:41:42 GMT
server: AmazonS3
x-timer: S1662976163.301912,VS0,VE1
date: Mon, 12 Sep 2022 09:49:23 GMT
vary: Accept-Encoding
x-amz-request-id: HYK0QGAGAHGN3RSR
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 1

GET
H2 200 RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 70ms
18ms Script
application/javascript 2a02:26f0:ea:4ba::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4ba::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
last-modified: Sat, 13 Aug 2022 16:33:58 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 kold.jpg
www.kold.com/pf/resources/images/mastheads/backgrounds/ 45 KB
46 KB 32ms
31ms Image
image/jpeg 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/mastheads/backgrounds/kold.jpg?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

339437c6a5c2522973d4eeb5be0ccc1c8c911129ac100f84bf10e26c2efd2486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: W/"70f834011095540e8d85ff255e947fe9"
x-serial: 1535
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31212174
last-modified: Thu, 08 Sep 2022 15:52:32 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 46158
expires: Fri, 08 Sep 2023 15:52:17 GMT

GET
H2 200 kold.svg
www.kold.com/pf/resources/images/mastheads/logos/ 12 KB
4 KB 30ms
30ms Image
image/svg+xml 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/mastheads/logos/kold.svg?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b39c6e444a38b840877af6f782c78b9514daf617276b9473f2be596f8c577b1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: AZBZX3SNP4ZHXBZG
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 3908
x-amz-id-2: F3n5g8uA2vt68/91t3jrvnQHG4C5L0qIRkVtXqgIvX1y0tEhUka7dKIiKbqHcsal5jzZf+Lth8Y=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"4a91d2a13bd624e7a386b3103266ffc4"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 27ms
13ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 314406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxmYBHkeYu6Dgm1u0Un5A%2B%2B6DZ37ptgncqTyn1wtLpvpENV8%2FK130KAlfZIiMHjbdjPdlSMeU5s4kIyAp6%2FwC3Y%2BNzzlFqqtLFm%2BesCN%2F8xnRydEYUZVeluQlYXfkEB3PqRCxpejvWo77cbGvrpPND93"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7497bb9c4b6e5c02-FRA
expires: Sat, 02 Sep 2023 09:49:23 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 18ms
18ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://www.kold.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4021900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13224
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-33a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cU1zapP4tVRwMOs4mErTgQH3uW7Aitk3cPPwOdnwVjLOIgvgfQv2AbYYry9aFhodSoMnT64kPImyAiGJAzOuCdspm8RiEUMBhS5GKwNBwYvhLGLpghjVaVMlM7vsf8o6Tq9vbfKIytrSchZwarXhgxBE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7497bb9c68ef6901-FRA
expires: Sat, 02 Sep 2023 09:49:23 GMT

GET
H2 200 framework.css
www.burst.com/webapps/embed/ 11 KB
3 KB 9ms
8ms Stylesheet
text/css 52.222.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.burst.com/webapps/embed/framework.css
Requested by: Host: www.burst.com
URL: https://www.burst.com/webapps/embed/framework.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Qqt_gEK_RpLzus8u20YU9JYh8awwY0sB
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 13:35:38 GMT
server: AmazonS3
age: 446
etag: W/"72f8f831414cf37903a38162b0291620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cache-control: max-age=10800
date: Mon, 12 Sep 2022 09:42:27 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: FhI1OecVPFtF2NW4Ke-vKg_Zx8UtCBZPrgEWYehfhKA0lC_s6VKOeQ==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 147 B
474 B 167ms
104ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kold.com&domain=kold.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 514e7290606e221930c562ddacfefc9d20edc99a7d8be0fa2ff1e63c181c89e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 121
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
x-timer: S1662976163.369307,VS0,VE96
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 10 Sep 2022 09:49:23 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 709ms
557ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e55"
vary: Accept-Encoding
x-hw: 1662976163.dop141.fr8.t,1662976163.cds160.fr8.hn,1662976163.cds107.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 impl.20220911-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 682 KB
141 KB 10ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220911-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f0381b9eff0a20846c0414a54a3255e094854518ab589f906b2d3bb076e7992c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: BjAKeGO625A_AXEIC6TVgaxnmN3YZ_h.
content-encoding: br
etag: "40b35c20a33eac1511a94a97439cb5a8"
age: 26708
x-cache: HIT
content-length: 144445
x-amz-id-2: njaL2/m9bixwC4Ti2acvNkwjfU+8lPcljZUo27b4SRs2SmpbhTyzIAUy2+nhmeapaPyeyeM+a5xCWICTQBagFA==
x-served-by: cache-fra19144-FRA
last-modified: Sun, 11 Sep 2022 10:24:00 GMT
server: AmazonS3-br
x-timer: S1662976163.344844,VS0,VE0
date: Mon, 12 Sep 2022 09:49:23 GMT
vary: Accept-Encoding
x-amz-request-id: CXJVNHK836EJMW8N
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 27254

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 47ms
9ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:29:44 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 19179
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: KyMrH61QWME7jMc5PFZIKtug9zKmcRiKmQMozeJ0K9YwWncmvZcdVg==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
48 KB 73ms
45ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b96800b65eba54fa61d67a58fb22cb4e3f3043158e0548667990d027e85a9454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49407
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 09:49:23 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 67ms
29ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Sep 2022 09:49:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 553638
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kold.com%2F&domain=www.kold.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=FpxD4XxmWHhTOFZBWG91WlEzTVpKM2VlYlAzc3E2K2hLWWQ0bWFBTmYzTFBJV1Y2TnFWQmVrWDF5Y1lORExObTN4cktrbFBHV1pZVlVCSHo5am5kZzduNVYyRWp5aUg3bkg1VTlIOHZQdVluU0JEbksxZm9ZM1pkNVRjMF...

352 B
641 B

38ms
13ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FpxD4XxmWHhTOFZBWG91WlEzTVpKM2VlYlAzc3E2K2hLWWQ0bWFBTmYzTFBJV1Y2TnFWQmVrWDF5Y1lORExObTN4cktrbFBHV1pZVlVCSHo5am5kZzduNVYyRWp5aUg3bkg1VTlIOHZQdVluU0JEbksxZm9ZM1pkNVRjMFFFUHZJNzhOR0dIS0pUQzBuOXQ0aXQ1Z3VNZHV6MEIvV1VMWXBabFZ6RFU3RDJWVEtmbDhJQ0xENjB2Mk1oWlBaWGoydTI5a2p3WWhtRzBnb1pFVWZuMis1WUlDOVk4MWxma1J5ODA0U1llMEFacElMUHNNPXw&cppv=2

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cef098e58a6cda0170857623c7f097e28719d4f5c9b87904f0961609b9e681d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 693152
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:23 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=FpxD4XxmWHhTOFZBWG91WlEzTVpKM2VlYlAzc3E2K2hLWWQ0bWFBTmYzTFBJV1Y2TnFWQmVrWDF5Y1lORExObTN4cktrbFBHV1pZVlVCSHo5am5kZzduNVYyRWp5aUg3bkg1VTlIOHZQdVluU0JEbksxZm9ZM1pkNVRjMFFFUHZJNzhOR0dIS0pUQzBuOXQ0aXQ1Z3VNZHV6MEIvV1VMWXBabFZ6RFU3RDJWVEtmbDhJQ0xENjB2Mk1oWlBaWGoydTI5a2p3WWhtRzBnb1pFVWZuMis1WUlDOVk4MWxma1J5ODA0U1llMEFacElMUHNNPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 626100
content-length: 0
expires: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 15ms
11ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662976163446&ns_c=UTF-8&c7=https%3A%2F%2Fwww.kold.com%2F&c8=Home&c9=
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: yWPlcvg58nmHapuF5q7hYMJVgxdG-GpNMH7aJwpBma3KsK0ftVGg5A==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 4 KB
1 KB 107ms
47ms XHR
application/json 2a02:26f0:dc:2b0::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV&d=www.kold.com&t=5543254&v=1.720.0&sl=0&si=7a8a08a5-84fd-4956-8e1c-4f6b98dbab0f-ri3cma&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677262
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:2b0::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7fd3f387282cb6c60656f5a173ed9915bee37c32982c94448a5b769f5c64c10c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 09:49:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 913

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2843
date: Mon, 12 Sep 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 11:02:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
53 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bfe07371d5c4357bb979bc5ce79cca42212544f560700438826dd0a87d12cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53941
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Sep 2022 09:49:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RN7RQJ27EZ&l=RCdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV7SQ7H&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a6ac1d7f22c8c8051a75e50dfd88af48eeccf5c6fc47e422486decc372c82f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74905
x-xss-protection: 0
expires: Mon, 12 Sep 2022 09:49:23 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 80ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Sep 2022 09:49:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 484749
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 130ms
80ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 09:49:23 GMT

GET
H2 200 476dfeb0-1072-0138-f111-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 0
782 B 73ms
16ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/476dfeb0-1072-0138-f111-06a9ed4ca31b

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6M5FJM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 12 Sep 2022 09:49:23 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: FxQUAo6Zh1VOCdj5WDnB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
20ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=196024029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kold.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=838454969&gjid=1683555515&cid=158068861.1662976164&tid=UA-22223248-16&_gid=1818732705.1662976164&_r=1&gtm=2wg970MV7SQ7H&cg1=%2Fhomepage&cg2=section&cg3=kold&cg4=%2Fhomepage&cd5=section&cd6=0&cd8=kold&cd9=kold&cd10=%2Fhomepage&cd11=%2Fhomepage&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=&cd14=KOLD%20News%2013%20is%20your%20local%20source%20for%20breaking%20news%20and%20your%20First%20Alert%20to%20severe%20weather%20in%20Tucson%2C%20Marana%2C%20Casas%20Adobes%2C%20Oro%20Valley%20and%20Sierra%20Vista.&cd16=Mon%20Sep%2012%202022%2009%3A49%3A23%20GMT%2B0000%20(GMT)&cd17=%2B00%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&cd19=Home&cd40=default&z=1799270690

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 44ms
21ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 70ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RN7RQJ27EZ&gtm=2oe970&_p=196024029&cid=158068861.1662976164&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&uid=&sid=1662976163&sct=1&seg=0&dl=https%3A%2F%2Fwww.kold.com%2F&dt=Home&en=page_view&_fv=1&_ss=1&ep.date_published=&ep.published_day=&ep.published_month=&ep.published_year=&ep.content_type=section&ep.primary_section_name=&ep.content_owner=kold&ep.content_provider=kold&ep.content_id=%2Fhomepage&ep.ad_target=%2Fhomepage&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=&ep.user_timezone_timestamp=Mon%20Sep%2012%202022%2009%3A49%3A23%20GMT%2B0000%20(GMT)&ep.timezone_offset=%2B00%3A00&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36&ep.content_name=Home&ep.content_keywords=&ep.distributor_name=&ep.distributor_category=&ep.distributor_subcategory=&ep.distributor_reference_id=&ep.distributor_model=&ep.output_type=default
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RN7RQJ27EZ&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 affiliatedwidget
www.metv.com/ Frame B3D8 0
0 106ms
106ms Document
text/html 52.73.204.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metv.com/affiliatedwidget?market=71

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.204.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-204-82.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1945
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=172800
vary: Accept-Encoding

GET
H2 200 grayLogoHorizontal.svg
gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 32ms
32ms Image
image/svg+xml 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=286

Requested by

Host: gray-kold-prod.cdn.arcpublishing.com
URL: https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=286

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gray-kold-prod.cdn.arcpublishing.com/pf/resources/dist/kold/css/main.css?d=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: AZBJJGAA6ZBQFQMW
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5010
x-amz-id-2: ri4qkQE2sOZW1oiiS/J9voF4kJ0BgyA/k1ui4vxPMGrzsWojdqUlet5bY0jn9TbMBkPDEgx7lr8=
last-modified: Thu, 08 Sep 2022 15:41:51 GMT
server: openresty
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H2 200 json Show response
trc.taboola.com/graytv-koldnews13/trc/3/ 17 KB
5 KB 757ms
750ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/trc/3/json?tim=09%3A49%3A23.662&lti=deflated&data=%7B%22id%22%3A866%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662892885565%2C%22vi%22%3A1662976163659%2C%22cv%22%3A%2220220911-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5536%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22orig_uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22cd%22%3A1712.578125%2C%22mw%22%3A389.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5182.90625%2C%22mw%22%3A1270%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHomepage%20Native%20Backfill%3Dthumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220911-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 41d8a10369afc87eff7bd6affde2e89295bff7dfefcc031c6ee80048f047f50d

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 743
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
server: nginx
x-timer: S1662976164.673872,VS0,VE743
x-served-by: cache-fra19144-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22223248-16&cid=158068861.1662976164&jid=838454969&gjid=1683555515&_gid=1818732705.1662976164&_u=YGBACEAABAAAAC~&z=1412165732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 09:49:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
464 B 72ms
15ms Script
application/javascript 2600:9000:2190:fc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad2.cloudfront.net (CloudFront)
age: 6335304
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: DfmV26_RsHfai39_64EIhmWnBwx95PsaPM_P-DfeESqR-Tkv0zi4dQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 89ms
27ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28684
x-xss-protection: 0
server: sffe
etag: "1331 / 714 of 1000 / last-modified: 1662972584"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Sep 2022 09:49:23 GMT

GET
H2 200 affiliatedwidget Show response
www.metv.com/ Frame A1A7 6 KB
2 KB 103ms
102ms Document
text/html 52.73.204.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metv.com/affiliatedwidget?market=71

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/engine/react.js?d=286

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.204.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-204-82.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

8fc4fdf13550c5988f2958c0c8f10fc56e0bdb9b436e5240b16b0c28eb0387dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1945
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=172800
vary: Accept-Encoding

GET
H2 200 wx-current-conditions-v3 Show response
www.kold.com/pf/api/v3/content/fetch/ 314 B
522 B 68ms
68ms XHR
application/json 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kold.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=kold&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D

Requested by

Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=286

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

32dcf5771c75952b333f65d45ecec9fc2413f5f5930bf90a98ecad99215b6002

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 09:47:52 GMT
server: openresty
etag: W/"13a-KAnkPZDivoFwmgKMioGu4w5+2JY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=29
server-timing: cdn-cache; desc=HIT, edge; dur=44
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 182
expires: Mon, 12 Sep 2022 09:49:52 GMT

GET
H/1.1 200
OK KOLD_poll.json Show response
s3.amazonaws.com/grayfilestore-kold/gpollData/ 22 B
561 B 316ms
117ms XHR
binary/octet-stream 52.216.110.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/grayfilestore-kold/gpollData/KOLD_poll.json?rnd=kPwtTjpdWBqJ&arc-site=kold
Requested by: Host: www.kold.com
URL: https://www.kold.com/pf/dist/components/combinations/default.js?d=286
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2d3989504c349c740bf360831b0cb07127fe9683f8c5405e6dc90423c77228aa

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 09:49:25 GMT
Last-Modified: Mon, 21 Jun 2021 20:30:02 GMT
Server: AmazonS3
x-amz-request-id: D9N2494G81FAZ3XZ
ETag: "3b3cd2921e72de25e5dca50ff96c6a78"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Accept-Ranges: bytes
Content-Length: 22
x-amz-id-2: GJs7EofSg/xKPI6Uxdn3kISUwwxSUxHRga4yFgM5Z2kA2SxFUNpCrfJ5xu2mnRFPZPnptDRpxbg=

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 13ms
13ms Image
image/png 2606:4700:20::ac43:497c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 495743
x-powered-by: ASP.NET
content-length: 816
last-modified: Thu, 11 Jun 2020 23:20:57 GMT
server: cloudflare
etag: "d7046f64640d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kxw5WWUxyBmu4ThynMK1bVhGgLvDmB5rATuVkw7e9Xqr8I8gCp0QwCUyXaELzMZQMRv6DzuRv%2BM%2BpjGcn16pLv9s2IOm8VCipM7ne2cQ%2F3d53kV6rd4zTWPB2EzwT2I%2FinNdEf0ub7iixCmpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7497bba0184ebb47-FRA
access-control-allow-headers: *

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 287ms
90ms Image
image/gif 54.237.24.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kold.com&p=%2F&u=NPChVCD4McKB8GUzN&d=kold.com&g=39189&g0=%2Fhomepage&g1=No%20Author&g4=section&n=1&f=00001&c=0&x=0&m=0&y=5536&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2131&t=ZyO06CvkUYiBa7FxbBhwL4-BIjm_B&V=136&i=Home&tz=0&sn=1&sv=CY5lR-BtY9OBMqBitDnu6JfCrLtZ9&sd=1&im=067b2fff&_
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.24.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-24-134.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 USQLAIK6Q5C57FMQZKYU67BGFA.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/rjjLOV_fn_IPhrX7tu2mvde9fA8=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 32 KB
32 KB 499ms
499ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/rjjLOV_fn_IPhrX7tu2mvde9fA8=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/USQLAIK6Q5C57FMQZKYU67BGFA.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a0fb37f4b2b417d4b7a83a487b180dac8d823727f48401b40e31f8f5cf4fc491

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:24 GMT
x-check-cacheable: YES
x-serial: 1579
etag: "11979736d015109aa5839a747230cf9c3dfebf9d"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31141019
last-modified: Wed, 07 Sep 2022 20:06:07 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=402
content-length: 32628
server: Akamai Image Manager
expires: Thu, 07 Sep 2023 20:06:23 GMT

GET
H2 200 7LSLCPT3TVGLHGUHQSJNNBIUAA.jpeg
gray-kold-prod.cdn.arcpublishing.com/resizer/Aq1xYOCLGtYXUY_jO0F__kpvdS0=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 49 KB
50 KB 500ms
500ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/Aq1xYOCLGtYXUY_jO0F__kpvdS0=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/7LSLCPT3TVGLHGUHQSJNNBIUAA.jpeg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

341a2377564d2faa417d392ba5472e6012f6705d7e7e22b1c614bffb5ec28110

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:24 GMT
x-check-cacheable: YES
x-serial: 1231
etag: "c6adbc08643c2e248d15ddc3bcbb5e733bec79dc"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31514510
last-modified: Mon, 12 Sep 2022 03:50:06 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=26, origin; dur=293
content-length: 50475
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 03:51:14 GMT

GET
H2 200 TCABNRQJOVGA3DF6YFB6PXHLHE.jpeg
gray-kold-prod.cdn.arcpublishing.com/resizer/YiA_PnktpJrOssRubt_Kv6KhAAU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 42 KB
43 KB 1202ms
1202ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/YiA_PnktpJrOssRubt_Kv6KhAAU=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/TCABNRQJOVGA3DF6YFB6PXHLHE.jpeg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ce0038c0e7d4549ac52e0d4cf8ed89cd620eb684e86bd71b6f3f631f6b6d9aff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:25 GMT
last-modified: Mon, 12 Sep 2022 05:33:01 GMT
server: Akamai Image Manager
etag: "3342c19394e4a9e2997fa97949f9ac3d6f7695c9"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31520699
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=902
content-length: 43101
expires: Tue, 12 Sep 2023 05:34:24 GMT

GET
H2 200 SS25PX2YHZJ3VGKONOWWHPMO34.jpg
gray-kold-prod.cdn.arcpublishing.com/resizer/IDkwFNQPFpvQ-lVvpKnA0KeUf1c=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 46 KB
47 KB 533ms
533ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/IDkwFNQPFpvQ-lVvpKnA0KeUf1c=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/SS25PX2YHZJ3VGKONOWWHPMO34.jpg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e3c1430d12f72395c5d480ccb3301528341fd078e00d761eb7a1c3a458d96ce5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:24 GMT
last-modified: Mon, 12 Sep 2022 03:54:58 GMT
server: Akamai Image Manager
etag: "02154f310da574bd7cb879612e272aa1cb6039d6"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31514699
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=168
content-length: 47554
expires: Tue, 12 Sep 2023 03:54:23 GMT

GET
H2 200 FWVCAYY4NFDQNDG3KOBXMHB6NQ.jpeg
gray-kold-prod.cdn.arcpublishing.com/resizer/e9fQsNRKEcASH2YpHjTyrM68_U0=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 34 KB
34 KB 529ms
529ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/e9fQsNRKEcASH2YpHjTyrM68_U0=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/FWVCAYY4NFDQNDG3KOBXMHB6NQ.jpeg

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3876ba4e584b168e9730dc7eb5279b726799576bd9fec2f063024871bb0d238d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Mon, 12 Sep 2022 09:49:24 GMT
x-check-cacheable: YES
x-serial: 13
etag: "465f70f7290d13ddd8f1d048846e7948524073d0"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31514272
last-modified: Mon, 12 Sep 2022 03:48:16 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=131
content-length: 34426
server: Akamai Image Manager
expires: Tue, 12 Sep 2023 03:47:16 GMT

GET
H2 200 OPS3T4CRQRBAZDF52VAFWOWOJU.JPG
gray-kold-prod.cdn.arcpublishing.com/resizer/jtUyi9iH7nu3im7X7kETAag8eQc=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 61 KB
61 KB 585ms
585ms Image
image/jpeg 2a02:26f0:11a::5f65:1731
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kold-prod.cdn.arcpublishing.com/resizer/jtUyi9iH7nu3im7X7kETAag8eQc=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/OPS3T4CRQRBAZDF52VAFWOWOJU.JPG

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1731 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e1547ba4ccee113d1b691b63da3b5924ee475f37c9bc51817a2f5936b7107f41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:24 GMT
last-modified: Mon, 12 Sep 2022 03:45:29 GMT
server: Akamai Image Manager
etag: "6c4eb6855f7872d96c7824d8fedf136b352caea8"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31514183
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=130
content-length: 62112
expires: Tue, 12 Sep 2023 03:45:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/680197802/ 2 KB
2 KB 87ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/680197802/?random=1662976163889&cv=9&fst=1662976163889&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57ce55eb83c1b40918eca0c53260d182517525964c4ca0fc90b758011061654a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 994
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29.svg
www.kold.com/pf/resources/images/weather/weather-condition-icons/svgs/ 2 KB
1 KB 81ms
81ms Image
image/svg+xml 2a02:26f0:10e::5435:a1e8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kold.com/pf/resources/images/weather/weather-condition-icons/svgs/29.svg?d=286

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::5435:a1e8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

42ce5aa7a6eb57080cdcd4fe8ef25af848b8f816d8fe9aff2411bbaccead0339

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: gzip
x-amz-request-id: 1NE95SS892CN4M85
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=55
content-length: 1010
x-amz-id-2: i3/XAQw65aQdRYwvyJ9itfr3F+GMKXAZkYsYtm1cRxUzXB6zES7gGhvH6cnF7NNhwlPYtSKaceA=
last-modified: Thu, 08 Sep 2022 15:41:52 GMT
server: openresty
etag: W/"91caacb3a5ced27c22a7d0abc019142e"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Tue, 12 Sep 2023 09:49:23 GMT

GET
H3 200 pubads_impl_2022090601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 44ms
14ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133157
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 08:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Sep 2023 09:15:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 149 B
132 B 75ms
48ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2552e1825bf522ebd1c3df634701a5e9ee49ad261924272bdb10a29d6efcab22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107
x-xss-protection: 0
expires: Mon, 12 Sep 2022 09:49:24 GMT

GET
H2 200 style.css
staticcdn.metv.com/css/ Frame A1A7 313 KB
56 KB 85ms
16ms Stylesheet
text/css 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://staticcdn.metv.com/css/style.css?v=1.2
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 6129f529e83bcadb6684660b2ebd6d61ae7e6aaa8269d353bc55f90f96f912b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
cdn-edgestorageid: 722
access-control-allow-origin: *
cdn-cachedat: 07/20/2022 13:32:23
cdn-pullzone: 131641
server: BunnyCDN-DE-864
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 15 Jul 2022 20:31:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"4e59e-5e3dde877dbc0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, proxy-revalidate, max-age=31536000
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cdn-requestid: d6b82a8d851df8e99d28726a64a6fcbb
cdn-requestcountrycode: RU
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ Frame A1A7 48 KB
11 KB 34ms
16ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://www.metv.com/
Origin: https://www.metv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:23 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19880314
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JVN8RS3G4SSKWEHP
x-amz-id-2: ClK0AIp0xRQ7c9ZrOTMOWzxCVv2lvJn8mPAUdVEGQaAVWaIRCO6jpYz0cdrdgLra9XETIZLzWt8=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUB1sVGcKt%2BgNwRxt6WCRrCUjUEDle60ZOX8%2F2QcDgrdLq6aN4iJxPBzyj%2BZhbpPwzx1dQ4hC3SmPQqBeAvOPaVk4glpAEkAMx6Pzlt7WmHr8K31AD%2BuZmk6erVpt17vk%2BLtSPtK98KSqFu0ItPLsSOU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 7497bba0ee369034-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame A1A7 94 KB
33 KB 76ms
13ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 09:18:57 GMT

GET
H2 200 metv_logo.png
staticcdn.metv.com/images/ Frame A1A7 6 KB
7 KB 18ms
16ms Image
image/png 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticcdn.metv.com/images/metv_logo.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-864 /
Resource Hash: 7bbc3068f2bde3ba4f55bc8a2e25fde7f1b474dacfd1aa3f94da90ddb97430f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cdn-edgestorageid: 755
cdn-cachedat: 07/20/2022 13:32:23
cdn-pullzone: 131641
cdn-requestpullsuccess: True
content-length: 6506
server: BunnyCDN-DE-864
last-modified: Fri, 15 Jul 2022 20:31:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: public, proxy-revalidate, max-age=31536000
cdn-requestid: f39e2fdd8481e377d5191448440fd2d2
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Thu, 20 Jul 2023 13:32:23 GMT

GET
H2 200 8kQoV-1554743736-71-markets-kold_web.png
cdnmetv.metv.com/ Frame A1A7 63 KB
64 KB 92ms
23ms Image
image/png 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/8kQoV-1554743736-71-markets-kold_web.png
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-601 /
Resource Hash: 1cb9e32ad9fce79b2e64465148a49f922925714bd4d7cdce657ae59b4e3eaa69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cdn-edgestorageid: 632
x-amz-request-id: 7Q2GS8B286N5KDFN
cdn-cachedat: 07/20/2022 14:03:55
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 64944
x-amz-id-2: xKZotaCetv0Ai7JytubWrUczh/3kQmnjICOuagOfSfJUVxE83LF10yYd1Zherx4PoBdULKz8fQs=
server: BunnyCDN-DE-601
last-modified: Thu, 19 Sep 2019 22:49:52 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31556926
cdn-requestid: 764ff29b940060cbf76e57782e29f099
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Mon, 08 Apr 2024 17:15:36 GMT

GET
H2 200 DEkWH-1662568910-4142-blog-mash_50th_header.jpg
cdnmetv.metv.com/ Frame A1A7 11 KB
12 KB 95ms
36ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/DEkWH-1662568910-4142-blog-mash_50th_header.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-601 /
Resource Hash: 0c1ae6c99f2f4dd96a622ba3dd3e03241b9969384f4b161a259f24e2c4375f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cdn-edgestorageid: 722
x-amz-request-id: 7E1EMAECJZ4AE58W
cdn-cachedat: 09/07/2022 16:55:49
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 11307
x-amz-id-2: meBDbODbyOimEAhMw14hAFkr5lHM4K5oRdVsGE/USy4GEIpjRBDc4uPieUt7i6IQu+UVuUWhJ5M=
server: BunnyCDN-DE-601
last-modified: Wed, 07 Sep 2022 16:41:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: cfd03f87ca204353d426e802fc4393d3
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Tue, 07 Sep 2027 16:41:50 GMT

GET
H2 200 4Fvwk-1662647969-3105-quiz-header_-_star_trek_true_or_false_quiz.jpg
cdnmetv.metv.com/ Frame A1A7 17 KB
18 KB 95ms
35ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/4Fvwk-1662647969-3105-quiz-header_-_star_trek_true_or_false_quiz.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-601 /
Resource Hash: 66fab282a68497eef53dc56860657890e81b9241329eed9949fdf10c7f6f2cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cdn-edgestorageid: 632
x-amz-request-id: XSE0QB1ZMK4ETGP9
cdn-cachedat: 09/08/2022 15:23:50
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 17491
x-amz-id-2: dgGtbgxNmE9Fb4n7LN9MPKK/Tk4sBmY9cpCo1t8snzcCZUTBjMunj12ypzddJIecmPKnnczCWRU=
server: BunnyCDN-DE-601
last-modified: Thu, 08 Sep 2022 14:39:30 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: 75d12e79db2f104793aa7188140161c9
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Wed, 08 Sep 2027 14:39:29 GMT

GET
H2 200 toAsL-1662666839-3106-quiz-header_-_a-team_outfit_quiz.jpg
cdnmetv.metv.com/ Frame A1A7 14 KB
15 KB 95ms
36ms Image
image/jpeg 2400:52e0:1e00::601:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnmetv.metv.com/toAsL-1662666839-3106-quiz-header_-_a-team_outfit_quiz.jpg
Requested by: Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::601:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-601 /
Resource Hash: cdd4b204ea90fde8ddc1180f81080b3170f039b8575f0a1d7b53966c9aa5c1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cdn-edgestorageid: 864
x-amz-request-id: 67KZENAHT59JVG5P
cdn-cachedat: 09/08/2022 20:34:15
cdn-pullzone: 134864
cdn-requestpullsuccess: True
content-length: 14592
x-amz-id-2: kQ+CbM1JkNAuyyW3+8gT5waMatWpMDVqX9jae0iduPOfFGr5hl8mES0TcL4BSpKElLR3o0UqDHI=
server: BunnyCDN-DE-601
last-modified: Thu, 08 Sep 2022 19:54:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: bdd4d802-3955-4e17-b663-0931d2353e7b
cache-control: max-age=31557600
cdn-requestid: d08da4e82d3e0a685d289f5ea19b8177
accept-ranges: bytes
cdn-requestcountrycode: RU
cdn-status: 200
expires: Wed, 08 Sep 2027 19:53:59 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/680197802/ 42 B
548 B 62ms
26ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/680197802/?random=1662976163889&cv=9&fst=1662973200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&async=1&fmt=3&is_vtc=1&random=3663243941&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/680197802/ 42 B
548 B 93ms
30ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/680197802/?random=1662976163889&cv=9&fst=1662973200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.kold.com%2F&tiba=Home&async=1&fmt=3&is_vtc=1&random=3663243941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2rlvRuazXwRCkKrbhwosTwAE30X4UnsrpFNYAb-7OwyYXtljlLDe0oqfVrVgU3puPhwLlldmlA Show response
operationchicken.com/ 191 B
696 B 114ms
49ms Fetch
application/json 2600:1901:0:ccb0::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/v2rlvRuazXwRCkKrbhwosTwAE30X4UnsrpFNYAb-7OwyYXtljlLDe0oqfVrVgU3puPhwLlldmlA

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:ccb0::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

3b7675852c0032c68d5346a141437b47b3206d2dcb964b6242590bd859d08738

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
date: Mon, 12 Sep 2022 09:49:24 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 12 Sep 2022 09:49:23 GMT

GET
H3 200 359 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 135ms
126ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/359?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5042196ed1d2e7b16e5568c99ee575076d0a7a2cdfa9f8247ecb358875cc0f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"778-Ox99Me3nQsm0XOh6aMgW73Lb14g"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 7497bba24e249170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 359
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 156ms
142ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/359?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7497bba1484ebbc1-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 100ms
61ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

44a9fefe408b6b8e1aa82c1f0b23c7774441fb4212a41ab3c10eb8dee743f1be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 58835662-949a-4f7a-99f0-9d6b5a063a79
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 135ms
57ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 09:49:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1 KB
1 KB 102ms
72ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22597b90648e86eb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226a302b0dec4ae9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22726cf6224e99d8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228c2e9e08e48e13%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5e8ca9feac64706168b8a9cedc672fb81acb5f6f10db301525b93b1638edcf

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DfRLRWqKgZXHIbVXcvzZbcJHrMGz2HnflVg4R1kOJTqsDe3%2B69NH%2B6iXBnMoassMXmrALKD4ZSH3962V4WUKHhQytCmLCAv%2BpIxSC3%2Bl8etbR%2BzKvp6OybLra%2Bc1ya%2B5jX2ZXO0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba19ed39208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 1 KB
1 KB 94ms
68ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229d927c4cea7d01%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210f6fa99a4908dc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211b948592d2a272%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7350011b132f55260e54d76fe09d3e63238a42c0922bb170d24359f395c5985c

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1jEAswhukZxVSOul3NIPVM%2BSPRb0dUoE2sZM2LZNmJn0okEDhWOJ%2B0RzzNytS5O6Ix%2BQfhNdyBfHwD4DzsMQ12vnjmZSkeVFqcAic0YZ%2BhYsR23scHepCrk14TPhs1rlXaxN7Tp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba19ed49208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 150ms
78ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 09:49:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 106ms
75ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d3996dbb9b092bb5e8aceede71fc973ca8d18f5d962763ab2156d898b5714a42

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 88483810-536d-4756-abb7-aea30dd0f5fc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
313 B 67ms
48ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216aaedac993132%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2217662116dd27de1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%221024x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A1024%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a319df64e48678808e2977be66c9b3ab98e69b6e25c54b7ef5117f648304ee0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9r4x0%2Flr3g4bMn%2FfGyG05jqj%2FfvPm3X0QbhGcE5qf3O180se5ox%2BREC7c0aAGvhMPqKnJcmT0IeIGxCvnRUF6SO%2FeCUwteBjF8VIwaXUp7TRcwajcle4L9KgTCLtRjB6ESSBjq6"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba19ed69208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 77ms
50ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

165bacc6e65f97f8e5fb7ace22021abc3f567c5e2b109a7c3655fc82a8129237

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4500bab9-3932-46d1-98bf-148c2c589de4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
564 B 42ms
30ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2220b0c7acd403b39%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22216b4b0664c87af%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%221900x1200%22%7D%2C%22banner%22%3A%7B%22w%22%3A1900%2C%22h%22%3A1200%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fb0d9ab007dc9861b57c78de8998989f9e9fe4308ff214ce2d658162998a87

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtGbcLg8r3uE7DywX6oX05bi5JMlvABW5ZzGvEdJ%2Fu0lRTh09g407PMwxACaJtOOVoOqN%2FWYafHra9tW7jZzO2KMsYLPym888zCMFGZyYgaTb%2F6LRvxDObp8rxCUHBxSKE4pfo0g"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba19ed79208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 70ms
42ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d43758438ef98c93692c8b1d233640869cf53c082a490e2e31ce94bcf3a6825d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6e7ca9cb-2f3e-4ca4-88e3-e42fbf49e4d3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A1A7 49 KB
20 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.metv.com
URL: https://www.metv.com/affiliatedwidget?market=71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2844
date: Mon, 12 Sep 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 11:02:00 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ Frame A1A7 66 KB
67 KB 27ms
17ms Font
font/woff2 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://www.metv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19862600
cf-ray: 7497bba1cd7191de-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
x-amz-id-2: ATP+0ozDQnmhD9cRVtqdWhoYoejztw3XhIi1yi+uLnfEWBFbejXG14haSpvXJUSYjJ9GOGusxoA=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uvd6nKfNChATeZOVCips%2FdYJ4DJr7LXWaPKRenK1Ma47QiQAOl15VWxbPgQNJDKk0iw7f5x0q1vomQPXgyUrA7KMUfGaNZGwNoK%2FQ81XybIOPUVWjKtG%2Fhrvp3Mj4Ig1%2FZyw14kXYO4O%2F2eNl0CCnA%2Bv"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: AV9YYACDAFX3RG0F
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

POST
H3 200 v2qcg_6raF_jfwuELVpAGkJ4bL7Ho1qdZDc6E_WNpvrPwSicxJPLiSGe1UhthtzDTkT_qqgiaMQ Show response
operationchicken.com/ 3 B
27 B 164ms
131ms Fetch
application/json 2600:1901:0:ccb0::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/v2qcg_6raF_jfwuELVpAGkJ4bL7Ho1qdZDc6E_WNpvrPwSicxJPLiSGe1UhthtzDTkT_qqgiaMQ

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2vvy0LAUDfe4LNfHUQvbdrZPffiSmDW9eEnHOtuqAQwlEhcJo0ZEODLy

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:ccb0::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
date: Mon, 12 Sep 2022 09:49:24 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-kwjj
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 1 KB
1 KB 253ms
240ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224af293bda9aee%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225dd55b2769e34e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22261cd402dd5164f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22275e05a33f08e6a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a521082c63ab23b9e2fececbfa7436e1d261e4369b39477eaaed89510a031e

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQivnbueWNSoyJVQX20Qspc4ees%2FzKBVBan9b81g5VG%2B8OVN55ShRyccEtk8fEIjXJjndPjvubiVzEQx7bVq7sn5IepL9X5sXNsaz6MWKCt3nPNv8cg3mk3JHNfovXY2nKwz%2FpLc"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba20da39b6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 69ms
66ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 78ms
77ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

685c97eb228678ea23b37ffc41ad2de583cff3f41f8e9029318d33d87cd8accd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Sep 2022 09:49:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5d61194e-49ab-465e-b0a3-260832d230fc
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 157ms
156ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3f8302fbabb94a6b7efb4ad5b7d568acec14fcdd3f6e96602beab3bc6cb2917

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0402c791-3942-4eec-a836-bcefbb20b532
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
534 B 71ms
65ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234dd9623ced4dee%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235bfaaa80fd5e48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fweather-widget%2Fradar%2Fseven-day-forecast%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2d7a85ae162c3b93021eb822862af0f54ad62f089ded854d0e0095e13c5f06

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nE4vVNoaFOWRtPYSC3uKUntPppxHkeGaj5dJmekr6FVISheG2HGNH0BYLT7qqLmRf7MY0sn7jKv3eGrMFNXXxiKGRWpGffB0QThXtscIOJJ2AXyPj6VRfqjPAS8pXHqziNeFY4P7"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba20da09b6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 87ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 84ms
24ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 89 KB
37 KB 829ms
829ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?enc_prev_ius=%2F0%2F1%2F2%2F3&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&scr_y=0&u_aw=1600&cookie_enabled=1&ohw=0&adks=1014892926&adys=1109&nvt=1&btvi=0&lmt=1662976162&msz=1600x-1&bc=31&vrg=2022090601&dlt=1662976163029&u_w=1600&oid=2&eri=1&u_his=2&bih=1200&idt=1011&ga_fc=true&prev_iu_szs=1024x90&sfv=1-0-38&u_h=1200&u_sd=1&dt=1662976164179&biw=1600&u_ah=1200&adxs=288&ga_hid=196024029&scr_x=0&pvsid=1972122745310307&psz=1600x-1&eid=31069182&ifi=1&ga_vid=158068861.1662976164&abxe=1&gdfp_req=1&u_cd=24&url=https%3A%2F%2Fwww.kold.com%2F&sc=1&correlator=4214518605514440&us_privacy=1---&frm=20&prev_scp=position%3D101%26pt%3Dsection%26cid%3D%252Fhomepage&output=ldjh&impl=fifs&dmc=8&vis=1&fsapi=false&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&ucis=1&fws=512&ptt=17&ga_sid=1662976164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fbbdda8bf807cadb08dcdac88df7b252c90ba4eaf1dc5685c95f92797df58b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37557
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A74E 6 KB
4 KB 95ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: Tue, 12 Sep 2023 09:49:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 57ms
57ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

538d776381644cbd48429b0b8c715e2841e5a40bc8474b09cfbc4ec095977a43

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Sep 2022 09:49:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5f6637c1-58ab-40bd-a0b9-148a6b1e1625
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.kold.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 36ms
36ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
date: Mon, 12 Sep 2022 09:49:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 1 KB
1 KB 111ms
111ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=851638&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22407ce04d9c883cb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kold.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241216f552d5dd19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22851638%22%2C%22dfp_ad_unit_code%22%3A%22%2F63316753%2Fkold%2Fweb%2Fhomepage%2Fstory-feature%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc3956fe25a8595bf13157d59baccfe50dfbf1eaa0609488bcf6ca4893dfe02

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2%2FH2H32KXo5LPmD7Gufh5Jdp9a5kypMnhTtQd891PBGXhcZG%2BPhgEP6KWyyItKiqoh%2BnYe5lEMUAtCbF0MV4Ws7LEzbLRKIbrPnLe0QN1nIgKKVx8IhIKRlomBllruNKawCniyh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7497bba23e029b6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 98ms
48ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1972122745310307&vrg=2022090601&nw_id=63316753&nslots=7&eid=31069182&pub_url=https%3A%2F%2Fwww.kold.com%2F&sig=0&req=0&req_cnt=2&dm=8

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 804ms
804ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?bc=31&adys=186&scr_x=0&frm=20&dmc=8&biw=1600&eri=1&ptt=17&ifi=2&adks=3810531413&gdfp_req=1&ga_sid=1662976164&impl=fifs&btvi=0&u_ah=1200&u_sd=1&msz=1900x109&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&correlator=4214518605514440&vrg=2022090601&url=https%3A%2F%2Fwww.kold.com%2F&us_privacy=1---&bih=1200&u_w=1600&prev_iu_szs=1900x1200&vis=1&sc=1&dt=1662976164197&sfv=1-0-38&ucis=2&ohw=1600&prev_scp=position%3D1%26pt%3Dsection%26cid%3D%252Fhomepage&dlt=1662976163029&pvsid=1972122745310307&output=ldjh&u_h=1200&cookie_enabled=1&lmt=1662976162&u_cd=24&abxe=1&fsapi=false&ga_hid=196024029&ga_vid=158068861.1662976164&idt=1011&scr_y=0&adxs=-150&u_his=2&enc_prev_ius=%2F0%2F1%2F2%2F3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&ga_fc=true&fws=4&psz=1600x109&nvt=1&u_aw=1600&eid=31069182&oid=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f654659541fa646fa5be32f988feb749ec6d2a9a0590958eeede894f1c16a675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10062
x-xss-protection: 0
google-lineitem-id: 6029484182
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138396226819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 58CB 3 KB
2 KB 193ms
17ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 4A11 3 KB
2 KB 194ms
20ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7608 52 KB
17 KB 90ms
23ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 09:49:26 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 591A 52 KB
17 KB 85ms
19ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 09:49:26 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame B7BF 3 KB
2 KB 190ms
18ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame ADC0 52 KB
17 KB 84ms
20ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 09:49:26 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3786 52 KB
17 KB 84ms
20ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Sep 2022 09:49:26 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 57A4 3 KB
2 KB 188ms
19ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Sep 2022 09:49:24 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 773ms
772ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?nvt=1&oid=2&scr_x=0&ga_vid=158068861.1662976164&correlator=4214518605514440&u_cd=24&gdfp_req=1&pvsid=1972122745310307&impl=fifs&vis=1&ga_sid=1662976164&u_ah=1200&dt=1662976164226&dmc=8&ptt=17&bih=1200&adys=628&sfv=1-0-38&u_sd=1&output=ldjh&btvi=0&psz=300x317&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&prev_iu_szs=300x600%7C300x250&eri=1&url=https%3A%2F%2Fwww.kold.com%2F&sc=1&eid=31069182&ifi=3&u_w=1600&vrg=2022090601&biw=1600&ga_fc=true&cookie_enabled=1&lmt=1662976162&ohw=0&bc=31&msz=300x285&fws=512&u_h=1200&u_his=2&dlt=1662976163029&adks=1478034852&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&frm=20&ucis=3&idt=1011&ga_hid=196024029&enc_prev_ius=%2F0%2F1%2F2%2F3&u_aw=1600&us_privacy=1---&adxs=1135&abxe=1&scr_y=0&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1%26pwtsid%3D34b39e04d6663cc%26pwtbst%3D1%26pwtecp%3D0.01%26pwtpid%3Dix%26pwtpubid%3D161733%26pwtprofid%3D6819%26pwtverid%3D9%26pwtsz%3D300x250%26pwtplt%3Ddisplay&fsapi=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f698ed8fe2a56059aafa8acd946d7d02ddb32cb3368c299f4c1b7af3df9c40e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11728
x-xss-protection: 0
google-lineitem-id: 6029484362
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395751480
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 771ms
771ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1972122745310307&eri=1&biw=1600&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&dlt=1662976163029&bc=31&u_ah=1200&scr_x=0&oid=2&sc=1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&psz=1600x125&abxe=1&sfv=1-0-38&u_aw=1600&us_privacy=1---&ucis=4&cookie_enabled=1&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1%26pwtsid%3D35f71d000ffda61%26pwtbst%3D1%26pwtecp%3D0.01%26pwtpid%3Dix%26pwtpubid%3D161733%26pwtprofid%3D6819%26pwtverid%3D9%26pwtsz%3D728x90%26pwtplt%3Ddisplay&btvi=0&ga_sid=1662976164&u_w=1600&adys=202&gdfp_req=1&vis=1&scr_y=0&output=ldjh&frm=20&idt=1011&ga_fc=true&ga_hid=196024029&bih=1200&vrg=2022090601&ohw=0&ifi=4&adxs=315&dmc=8&adks=1388290751&ptt=17&lmt=1662976162&u_cd=24&nvt=1&correlator=4214518605514440&fsapi=false&impl=fifs&u_sd=1&url=https%3A%2F%2Fwww.kold.com%2F&msz=1600x109&u_h=1200&eid=31069182&dt=1662976164238&fws=0&u_his=2&ga_vid=158068861.1662976164&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b29843e0137723ee093569bc8ac7613f5c3e90e09aae7a7cd66cba9752a3325f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12885
x-xss-protection: 0
google-lineitem-id: 6029484218
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329851183
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9009 15 KB
6 KB 26ms
26ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72958
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:24 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 06:05:22 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 48F6 15 KB
6 KB 27ms
27ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72958
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:24 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 06:05:22 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1C35 15 KB
6 KB 28ms
26ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72958
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:24 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 06:05:22 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9417 15 KB
6 KB 28ms
27ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72958
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:49:24 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 13 Sep 2022 06:05:22 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9009 0
42 B 110ms
14ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52788581&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 77ms
27ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
23ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kold.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
28 KB 976ms
976ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?frm=20&vis=1&dt=1662976164332&u_h=1200&u_aw=1600&impl=fifs&fws=0&u_his=2&nvt=1&scr_y=0&u_ah=1200&url=https%3A%2F%2Fwww.kold.com%2F&ifi=5&ohw=0&ga_sid=1662976164&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&pvsid=1972122745310307&sfv=1-0-38&iu_parts=63316753%2Ckold%2Cweb%2Chomepage%2Cstory-feature&eri=1&u_sd=1&u_cd=24&adks=269316136&idt=1011&u_w=1600&psz=954x141&ga_vid=158068861.1662976164&cookie_enabled=1&fsapi=false&dmc=8&abxe=1&sc=1&bih=1200&us_privacy=1---&msz=954x109&adxs=165&correlator=4214518605514440&lmt=1662976162&ucis=5&adys=798&gdfp_req=1&ptt=17&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&btvi=0&oid=2&scr_x=0&vrg=2022090601&output=ldjh&prev_iu_szs=728x90&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D3%26pwtsid%3D414c845e1221975%26pwtbst%3D1%26pwtecp%3D0.13%26pwtpid%3Dappnexus%26pwtpubid%3D161733%26pwtprofid%3D6819%26pwtverid%3D9%26pwtsz%3D728x90%26pwtplt%3Ddisplay&dlt=1662976163029&biw=1600&eid=31069182&bc=31&ga_hid=196024029&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

bf3d98650fe1b3740399f2c5a269c4c2e7182f749a834fa64f05dd2b2afe766f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPvg1vz8jvoCFYWi3godVvoKew&gqi=&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPvg1vz8jvoCFYWi3godVvoKew&gqi=&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28653
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 12 Sep 2022 09:49:25 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 704
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 122ms
122ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/704?story_url=https%3A%2F%2Fwww.kold.com%2F&visitor=e2nkvo5ofagufwmz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7497bba32be1bbc1-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2844
date: Mon, 12 Sep 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 11:02:00 GMT

POST
H3 200 704 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
543 B 149ms
148ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/704?story_url=https%3A%2F%2Fwww.kold.com%2F&visitor=e2nkvo5ofagufwmz

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592fca6aecee214be9552f911b202f4272ec971f82bda483034f5dc53d0c6292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-/9lfzhQs3MEryQRt4TTcuahoz5Y"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 7497bba3e8d99170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 28ms
28ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3894
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"2e2f-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7497bba32f8c9170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:24 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3894
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 11:04:04 GMT
server: cloudflare
etag: W/"f2a-1830d5258a0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7497bba32f909170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:24 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 33ms
33ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3894
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"8abb-18321a2e090"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7497bba32f919170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:24 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vg.1.97.29-0d87610&p=704

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3894
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"19c7-18321a2e090"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7497bba32f929170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:24 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 591A 0
741 B 20ms
19ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6e7e46c4-946e-4bb6-824b-dcf41af97715
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame ADC0 0
741 B 13ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f6d3c172-dbbe-4447-ac59-9d5c6b738b89
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3786 0
741 B 38ms
38ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 61ab7ee5-d63c-4e45-b0b9-7c01b0dec888
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 954ms
954ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?msz=300x50&pvsid=1972122745310307&scr_y=0&gdfp_req=1&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1&prev_iu_szs=300x50&dt=1662976164350&adxs=1135&dlt=1662976163029&u_cd=24&abxe=1&bih=1200&iu_parts=63316753%2Ckold%2Cweb%2Chomepage%2Cweather-widget%2Cradar%2Cseven-day-forecast&fsapi=false&idt=1011&output=ldjh&us_privacy=1---&eri=1&correlator=4214518605514440&biw=1600&scr_x=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_ah=1200&frm=20&nvt=1&u_his=2&ga_sid=1662976164&fws=4&u_sd=1&vis=1&vrg=2022090601&lmt=1662976162&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F6&cookie_enabled=1&ptt=17&ifi=6&ga_fc=true&adys=519&psz=282x50&sc=1&bc=31&url=https%3A%2F%2Fwww.kold.com%2F&sfv=1-0-38&impl=fifs&u_w=1600&dmc=8&u_aw=1600&btvi=0&ga_vid=158068861.1662976164&oid=2&eid=31069182&adks=1640516046&ga_hid=196024029&ucis=6&ohw=300&u_h=1200

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a6d18e5efda6ffec1833f73274a8b01bc202709869bf6c4f805c872ca89af91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11954
x-xss-protection: 0
google-lineitem-id: 5943130519
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383818527
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7608 0
741 B 13ms
12ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c1471433-5e62-4198-8513-84e032749c92
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81117537-17&cid=158068861.1662976164&jid=254524452&gjid=2039482681&_gid=1818732705.1662976164&_u=ACCAgEABCAAAAE~&z=304634057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 09:49:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=196024029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kold.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=254524452&gjid=2039482681&cid=158068861.1662976164&tid=UA-81117537-17&_gid=1818732705.1662976164&z=1308759246

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 15:46:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1144 Show response
api-esp.piano.io/publisher/unattended/ Frame 0ACA 138 KB
46 KB 123ms
123ms Document
text/html 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4995efa69f4ecbfe4a7187e5acdb2a1131610b2b1d1f7375f05725366e4db51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000 public
cf-cache-status: DYNAMIC
cf-ray: 7497bba36fef9170-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 09:49:24 GMT
etag: W/"22682-LExzyUZpIdsk76fZ2i4eHzXaeKY"
expires: Tue, 12 Sep 2023 09:49:24 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
42 KB 322ms
321ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?btvi=1&fsapi=false&ga_sid=1662976164&eid=31069182&oid=2&lmt=1662976162&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D2%26pwtsid%3D4088f7843e5fc48%26pwtbst%3D1%26pwtecp%3D0.01%26pwtpid%3Dappnexus%26pwtpubid%3D161733%26pwtprofid%3D6819%26pwtverid%3D9%26pwtsz%3D728x90%26pwtplt%3Ddisplay&enc_prev_ius=%2F0%2F1%2F2%2F3&dmc=8&correlator=4214518605514440&cookie_enabled=1&bc=31&u_w=1600&eri=1&u_ah=1200&msz=1270x125&dt=1662976164430&u_cd=24&fws=0&abxe=1&ga_vid=158068861.1662976164&gdfp_req=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adys=1831&scr_y=0&prev_iu_szs=970x250%7C970x90%7C728x90&output=ldjh&idt=1011&pvsid=1972122745310307&frm=20&sfv=1-0-38&ptt=17&ifi=7&iu_parts=63316753%2Ckold%2Cweb%2Chomepage&nvt=1&url=https%3A%2F%2Fwww.kold.com%2F&bih=1200&u_aw=1600&psz=1270x157&ga_cid=1818732705.1662976164&impl=fifs&u_h=1200&biw=1600&ga_fc=true&scr_x=0&u_his=2&u_sd=1&adks=1963899799&adxs=165&us_privacy=1---&sc=1&vis=1&vrg=2022090601&ga_hid=196024029&dlt=1662976163029&ohw=0&ucis=7

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1eebd9b534789cac87e633c079a65d1557c4226f5a831e1ab17ad33e793769f8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWat_z8jvoCFXOE_Qcdf0cIag&gqi=&layout=/sadbundle/%24csp%253Der3%24/4230165074078699441/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWat_z8jvoCFXOE_Qcdf0cIag&gqi=&layout=/sadbundle/%24csp%253Der3%24/4230165074078699441/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42900
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 12 Sep 2022 09:49:24 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 69F1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

69ms
31ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95211240f9dab3df6a9a0c3b2449b34328b9660a007e8dd55fec62ffda426f8a

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba46d539a18-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 09:49:24 GMT
dropped-udsids: 230|45|39|241|190|46|73|130
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8u0%2BqDqPOi8PZeBUQg4QUb5W1fpSqPA0jJy42m85V1rz%2FjwSZviC4cEKhE%2FZ1SYyf2maAGAqtITC88JTpSE%2B6FCL0Fj%2FWrjCRkl5n%2BOf0eyfm0vafCD432m00fGgXPDyh2S"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba3fdef9a39-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qiBTRHJKolRkpX8wqrXhX1FsRCwSTJVfNsdckqXWPqfhyatX50DMCH4Aj81FdAsTwZssyAwtWice6o%2BZemrWkQlKdxe6mh43SEZt%2B9TXcOJZqIpDxRbQ29Z4daccor6TVCTsCDBSuMGIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 userx.20220911-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 9ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220911-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17c6e0700b1251b6efa0f458b28499fceed4feb244f38449229711df59c50442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Ek61HA8B8BWBtYLsWHHKkCAbHJxEVWNB
content-encoding: gzip
etag: "ac031ada2fe133d994209898d9fd9c11"
age: 90
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: GrFGw/xUFIC+gHSjJUObNYyoequ22GKCHEqnRJJR+NcP5bpO0rLtXZVWpLLRu5kgCQDAOhComOQ=
x-served-by: cache-fra19144-FRA
last-modified: Sun, 11 Sep 2022 11:11:50 GMT
server: AmazonS3
x-timer: S1662976164.454872,VS0,VE0
date: Mon, 12 Sep 2022 09:49:24 GMT
vary: Accept-Encoding
x-amz-request-id: NVRP157S98XJMCKX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 42

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 45A1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

81ms
44ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5493ffd3549ac93fabae9d11597e190e8ccac1bf5e068cc5fdbc9243acef19

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba46d599a18-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 09:49:24 GMT
dropped-udsids: 39|241|45|230|17|47|191|31
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBaC%2B4dmXVv%2F1MMnnkfK02th9gG%2F%2Fk%2FlpaboVfRvqKcE5hRHFXCFAfNCRWGLPeeK5Jg%2BuR2mnYltTdOJPwlepLnP8JzuXGnsiHQ2QzK3vHRbODEZHqWvW96pwoQ2Shu8rfii"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba3fdf09a39-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjRcpsbOTUja60nzrOyVLxonS0VkeWkysrp56BPAzeyju3aHfktDqO4wbsW2CeLEa00pTaes7lUbIfjK3kQBzqUpGnPvLaB9VCvERtrfblvQ4FsEn%2BdoTy5PPnuUljjz1iP64GEgrC6Ysg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 99DE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1012 B

77ms
40ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84724d98b07d0b16ee81863c6f0e5ffa451bb811e74d30112c20116fda003142

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba46d579a18-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 09:49:24 GMT
dropped-udsids: 45|39|230|241|218|51|176|152
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b30LqDhuuOOs4So8Hxug3pZDxbiGo3Ds0O867LjiE2XabQN%2FEYFU2cvHbi0s1P6KyU41EqWzkVzjGpoJU%2F1Xb6B%2FwLxwtG0twDLROiC6F706jzehkLX9PUZS0xNpqruEVXKO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba3fdf29a39-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFgem9sQiUNtn%2FNoojwORW0TaKk%2BnYDe0GCvc%2FyeabvS1%2FoqojYEX5WfxL3lbM6sI06K1Z6jjnSdCyQ%2FVsqY4AwOvWkS%2BLEKSaFsp%2Bh%2F8J92h91j9TQxXKUfJPHiL6RcSFo5E1NNH09dKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 9FAF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

72ms
37ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284ccab0f59271a686d33533d7bf2b826aafc3a242a26972987b224bdebf4b95

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba46d5a9a18-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Sep 2022 09:49:24 GMT
dropped-udsids: 230|39|241|45|105|40|18|195
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww8Oc6MJQcAvSEGVyU7WhTOXkZOu736muJ5TQHpOjaJK3K%2Bpy%2FFW4cteGeQ4hivdIAAwy6BCsDJo7NgG9fa8HqMjHsDl7UvHTbdhXTlulKJ67qmvb2u8ykm0ZuXzoA6B%2FNRi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7497bba3fdf49a39-FRA
content-type: text/html; charset=iso-8859-1
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7cdJD5UX5h1jtisaJjEjatS37IuFCQ6CGDNGJWmGK87VHLkAzran3Pp5nq4VWgbMMjEPOuaBugbI9F4usRNYiskdjEcqm5coNb4m20oPr7yiUPjKyxG%2FtnghNI9w8B0TXz52UewNEEzCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 6de1eda92951b12de55690b5a868f3b2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 9ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6de1eda92951b12de55690b5a868f3b2.jpg
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d945fcdf89826a862cfddd54d16921d921fcf8ba2567c95e9603aa7fdb2664e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 12 Sep 2022 09:49:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 3530035
edge-cache-tag: 506372093421795540841252177144217943417,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
cache-tag: 506372093421795540841252177144217943417,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 73
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6de1eda92951b12de55690b5a868f3b2.jpg
content-length: 5878
x-request-id: 277ad432332740beabec5fff230b9794
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 15 Jul 2022 07:49:38 GMT
server: nginx
x-timer: S1662976164.469963,VS0,VE1
etag: "f245c87c3075d135faa1b58a2e484361"
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kcgs7200096-IAD, cache-lga21947-LGA, cache-iad-kcgs7200127-IAD, cache-fra19144-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 69F1 170 B
232 B 72ms
24ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 69F1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENkjSneyGYk2bKPx8LJc9B4&google_cver=1&gdpr=1

43 B
846 B

41ms
31ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENkjSneyGYk2bKPx8LJc9B4&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba58fbabb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFMcMpCYfSw1W6qCMT1yz23pYLOfhv%2Fu6u%2BJW4B7mb%2B%2FwcShLT2hzJHt61ZU4wKLFRhAzSQR1ABerupi6Pg6Fhg%2Fzh6oRLyMxwU%2FGcImZix959qFp13rR3EcGUnZNltdA7aCweQKlDGUHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENkjSneyGYk2bKPx8LJc9B4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 69F1 70 B
265 B 105ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 69F1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

43 B
568 B

95ms
94ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 298NY8N77AB8NQXM514A
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: SAV19DW6WC1VZ6EF8TTR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 69F1 0
0 15ms
13ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 69F1 0
0 46ms
14ms Image
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 69F1 43 B
1 KB 201ms
35ms Image
image/gif 2a05:d018:d29:3602:907b:7a9f:e2d8:a678
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:907b:7a9f:e2d8:a678 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 69F1 43 B
430 B 145ms
31ms Image
image/gif 52.50.89.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.89.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-89-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 69F1 43 B
103 B 55ms
18ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8ApD2dW1ynZ5zixXFu2wAA%261166
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba4ff2a9055-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 69
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 13:49:24 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9FAF 170 B
502 B 57ms
23ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9FAF 70 B
264 B 100ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9FAF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB&dcc=t

43 B
568 B

99ms
97ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: CN523Z1WBZ7CJFPNX7MR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 30F35Y7TPSWFFXHPNFZE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApAvKYyCGwvqpxXDk-QAABK8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9FAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwDwBIMYxiI_hPxGJF9S_4&google_cver=1&gdpr=1

43 B
846 B

44ms
33ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwDwBIMYxiI_hPxGJF9S_4&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba58fbcbb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyYAfLIqbRnHe46ZSDX27ubNkcnmxHW5IldTYiEZo5%2FSrGlA4SgynRy2upeAnuri1xCVaXG4NqNt5d%2FPIw%2FvG%2FmMQxaoFRWd79PrVSI5WZrqwUhmEc1WkpN%2BKg0SAIPTTc4ESbsqAyg%2FjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwDwBIMYxiI_hPxGJF9S_4&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9FAF
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
846 B

25ms
24ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba5c81dbb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpJJHYs4OGNqY2rc%2BHF4OEj1aKpRT2LF6uiS%2FpMXAk4Rsk7LNZLcQn3XrdywMUwL2E8vPSoZzfGxUao9so6w%2B8%2FdNAioBW4Yvi%2BmieYtAm8t9BTQLrkF8RBAiqbQ%2BcpaEFG7R6gfwUivNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Mon, 12 Sep 2022 09:49:24 GMT
server: nginx/1.20.0
content-length: 76

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9FAF
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678614564&external_user_id=63c299a8-6e7d-4c5b-a9be-94c666002e91

43 B
842 B

27ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678614564&external_user_id=63c299a8-6e7d-4c5b-a9be-94c666002e91
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba669a1bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FedcYnI8uI6eEy2PiQTimWyz6sjUCVyy2YBmS87QzSx08%2FgR0WmYgoQoHEji8MIbDxUHMCqx86eS30FWEDP%2FgA4Ep0t3oR2Ut8nSJN2rqGtwQZggE5a0C5XX%2Bi2keFqfjMKzdzEfO73UA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 12 Sep 2022 09:49:24 GMT
via: 1.1 google
access-control-allow-origin: *.casalemedia.com
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1678614564&external_user_id=63c299a8-6e7d-4c5b-a9be-94c666002e91
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9FAF
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3874cafd-8e45-4397-aaa3-9e739395383e

43 B
848 B

26ms
25ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3874cafd-8e45-4397-aaa3-9e739395383e
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba6da8bbb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66cAxV7%2B7AUsgPFLZXgMnkLeyW9Z%2Fy5YTLTs0wUXCky2Hl6XES%2FtTtyxHX2OxGcWdbTiA7tXgwYu%2Bq%2FUfyKUvMpg1GCtFBehCPpIfMhugpQUJVxqraxFWEF3z3lh%2FCIHjSpOQiIcXK7q1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-3874cafd-8e45-4397-aaa3-9e739395383e
date: Mon, 12 Sep 2022 09:49:24 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9FAF 43 B
103 B 43ms
17ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8ApAvKYyCGwvqpxXDk.QAA%261199
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba4ff2c9055-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 69
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 13:49:24 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 99DE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKS6s9Z35kiPtJayLekqEvQ&google_cver=1&gdpr=1

43 B
848 B

38ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKS6s9Z35kiPtJayLekqEvQ&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba58fbbbb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqyeO2O9%2FQcnyIbueJDTkkffKGu%2Bvy%2Baj5QXqf27tdNavRX0Xsf548h%2Flw%2BbyS5xxaPzGsPcNZGeJFRDKuifh8A7oZ9V2n74PC1F7ss9c%2FRa9AL9jrWURqAAGvTK4kCV32TeSNBM4NNW%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKS6s9Z35kiPtJayLekqEvQ&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 99DE 70 B
264 B 95ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 99DE 170 B
232 B 49ms
23ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 99DE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

43 B
568 B

109ms
109ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 7349PQDT9HSSA96QCWNP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: WWJJG99H3BFJ3KCSK0K6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=Yx8ApD2dW1ynZ5zixXFu2wAA%261166
dpm.demdex.net/ Frame 99DE 0
0 250ms
32ms Image
application/json 52.30.247.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yx8ApD2dW1ynZ5zixXFu2wAA%261166?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.247.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-247-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 99DE 43 B
220 B 185ms
9ms Image
image/gif 3.67.157.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.157.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-157-21.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 09:49:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 113
match.deepintent.com/usersync/ Frame 99DE 0
44 B 338ms
97ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-length: 0
server: b

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 99DE
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ee4e11b-2d7d-4d21-9d41-dd15c9116123

43 B
839 B

30ms
30ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ee4e11b-2d7d-4d21-9d41-dd15c9116123
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba7cc3cbb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=516nONIvTJr%2BVHr0pvwYC3AVXp7E4pRwiUQ2eM6yG09x4ARGQir8fjE6gugDf7hQGc8qZXAnNHxgw3C4yHrJVc0XsrKE3dnojenlA8ZFZyPib8ODGej24ZmPMF9BBAUbBqcuF06Iza323w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ee4e11b-2d7d-4d21-9d41-dd15c9116123
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 99DE 43 B
102 B 39ms
17ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8ApD2dW1ynZ5zixXFu2wAA%261166
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba4ff2d9055-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 69
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 13:49:24 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame D67F
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

104ms
104ms

Document
text/html

34.236.72.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.72.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-72-34.compute-1.amazonaws.com
Software: /
Resource Hash: 18fe82137ef7699d9b14a6acb2b8eb1d45656cee2cb4045022ffccc44ab96f45

Request headers

Referer: https://r.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 09:49:25 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Mon, 12 Sep 2022 09:49:25 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Mon, 12 Sep 2022 09:49:24 GMT
location: /um/cs&eq_cc=1

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 45A1 70 B
264 B 93ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 45A1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

43 B
568 B

104ms
104ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: N76EMQ8688AWVA5R5883
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: TJ8Q25M8N0QXFD747NQK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 45A1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMs6qlmM6YDTpNXlsj_C0p0&google_cver=1&gdpr=1

43 B
880 B

38ms
26ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMs6qlmM6YDTpNXlsj_C0p0&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba58fb7bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPLD2V6GzuskOcdwKTdhoK97qfkIDfZiEElL7zRZQoIwYhCMWFRnW%2F9LwxddbmrvtK3mmQB4rPAvExaChgMDSZF5XhLmM0sKltxt4XLt62DHe1ZzMTpj8q%2BpBsdqonfO%2FsDUjSzxEGIEgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMs6qlmM6YDTpNXlsj_C0p0&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 45A1 170 B
232 B 48ms
25ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 45A1
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
851 B

26ms
25ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba7dc50bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsKBTJ8JsCaNqg%2FRItR9yM8szkYASduZEzE6BJRV8504%2BTf0NaTLHLISy5XfRKarVq7y335W5PRTLQzwUdvkBuGEWO%2BE%2Bb12XIhDEjfM9%2FpNI%2B2NS%2FIKxJ7jE1N%2Fmadd2dvVfoFvQWQrIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 45A1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KuYHonT91OxG4c5&gdpr=1

43 B
842 B

21ms
21ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KuYHonT91OxG4c5&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba5aff3bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBqODAApYXd%2FryxjhLppus4v3xHR8n6X23bgphXudJ4P0LujP%2B6tBgpqp1b%2FePGz5m0U8AaXJoFh5H00krZfKbWZMNETBr3P9zLOiwYZJOnLmSxnYfjoxTlbhpO55Dtoh73sxqXbtbpyVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:24 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=KuYHonT91OxG4c5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 45A1
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4f670fed-8269-21aa-2947beea

43 B
842 B

22ms
22ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4f670fed-8269-21aa-2947beea
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba5d853bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOkU0pmmGkI6jHAEgQoyOLSbaIF52evDD4g87wnYZnB2LzPwc9dDLAOSYg30TcjDsK%2FtOdf3J5eG0NejWaiDaWANLoFYIfOhbNaA86OFQPcHtMOjYM%2Bd7wnI%2FFJIarK8c3BV201H7iideA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 12 Sep 2022 09:49:24 GMT
via: 1.1 google
server: nginx/1.22.0
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4f670fed-8269-21aa-2947beea
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 45A1
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7162625641584285434&uid=Q7162625641584285434&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

7ms
7ms

Image
image/gif

23.75.246.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-246-168.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 09:49:24 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 12 Sep 2022 09:49:24 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 45A1 43 B
351 B 37ms
16ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yx8ApD2dW1ynZ5zixXFu2wAA%261166
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kold.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba4ff2f9055-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 69
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Mon, 12 Sep 2022 13:49:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0ACA 2 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:05:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 09:49:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 09:49:24 GMT

GET
H3 200 container.html Show response
d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 71BA 6 KB
3 KB 46ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: Tue, 12 Sep 2023 09:49:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mail-logo.png
api-esp.piano.io/public/sdk/v04/assets/ Frame 0ACA 18 KB
18 KB 19ms
18ms Image
image/png 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-esp.piano.io/public/sdk/v04/assets/mail-logo.png

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: HIT
age: 6878
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18301
last-modified: Fri, 09 Sep 2022 09:44:26 GMT
server: cloudflare
etag: W/"477d-18321a2e090"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7497bba5fce39170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:24 GMT

GET
H3 200 success.png
api-esp.piano.io/public/sdk/v04/assets/ Frame 0ACA 20 KB
20 KB 20ms
19ms Image
image/png 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-esp.piano.io/public/sdk/v04/assets/success.png

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api-esp.piano.io/publisher/unattended/1144?wv=50&v=vg.1.97.29-0d87610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
cf-cache-status: HIT
age: 6857
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20011
last-modified: Mon, 29 Aug 2022 19:06:55 GMT
server: cloudflare
etag: W/"4e2b-182eaffe498"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7497bba5fce49170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 12 Sep 2023 09:49:24 GMT

POST
H3 200 w_shown Show response
api-esp.piano.io/tracker/lucid/event/704/1144/ 39 B
519 B 127ms
127ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/704/1144/w_shown?src_story=https%3A%2F%2Fwww.kold.com%2F&visitor=e2nkvo5ofagufwmz

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
access-control-allow-credentials: true
cf-ray: 7497bba6be5f9170-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 w_shown
api-esp.piano.io/tracker/lucid/event/704/1144/ Frame 0
0 117ms
117ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/704/1144/w_shown?src_story=https%3A%2F%2Fwww.kold.com%2F&visitor=e2nkvo5ofagufwmz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.kold.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7497bba5f8f4bbc1-FRA
date: Mon, 12 Sep 2022 09:49:24 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/ Frame 8DF3 20 KB
6 KB 29ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc084bea11452c6c3b142bfad6435b5c6d6188667ddc19ce62d6e0befb0bd4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 262036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4343
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 09:02:08 GMT
expires: Sat, 09 Sep 2023 09:02:08 GMT
last-modified: Tue, 28 Dec 2021 11:32:44 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 71BA 0
0 62ms
62ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVd3IpAAfY8W4HfOI9u8P_46h0AaUiIWWbIHJroKzD9vZHhABIPm_wyNglcr5gZQHoAGq4u28AsgBCakChr7End3YsD7gAgCoAwHIA0iqBJUCT9D2iP2jS718cUVsJN-OeBThJrlWaG5iJ4jRDCThogbIYE90CAe3F9y84d2TMbbipyOXY8t_4MaPAPZ3Tm19n8r5DW0Fg7tJld5e_0ArTFZ4uY2vAoWE3PZL_ZZAgKSJRaMsNq4leHUuftcP6MUkBmbn0w4jY7QcwF6NEJVf6rP6TSFt0TZgoYj0qLn9jVKCvY1xrWINcxm9IicLwEa8Nktqb_wlpwwnQRRz8doJqttPcPYzHaUldo5rJvBp10iKr8YK2IWS4_xUp-X-5qASLkkS1HLQ0ttPlpboIxMvF8WmL47Y0PQqBEe7AkGycicAOdvPQFwxtJDVF8CHCjoF3qLG64QK9p3MCePLs3ggESqxqul1OsAE7-2cw-sD4AQBkgUECAQYAZIFBAgFGASgBi6AB76dksMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQipL1AtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTA4ODMxMjY3MjU3NzMwMjYY2ZAd&sigh=GinByiFB0Pg&uach_m=[UACH]&template_id=419
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 71BA 23 KB
10 KB 24ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:40:52 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8DF3 9 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8DF3 26 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8DF3 18 KB
877 B 55ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1640015215

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f49102fc0bf40b11942b5c3daf0f7c02704b0efb6d69aa196c80b10c8e347eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:32:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 09:49:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 09:49:24 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8DF3 57 KB
23 KB 87ms
25ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 09:49:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FE57 143 B
163 B 41ms
13ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:39:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 71BA 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:27:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71BA 141 KB
44 KB 405ms
357ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FE57
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
34ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:25 GMT
expires: Mon, 12 Sep 2022 09:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 imagesxnqvljifjxyhlptn9x5t.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/ Frame 8DF3 5 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/imagesxnqvljifjxyhlptn9x5t.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7952e2d4bae54a88c4c6364625d8dfefc7b3e7fee7abbf6be45d92386d15fcf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 127365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2134
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 11:32:44 GMT
server: sffe
date: Sat, 10 Sep 2022 22:26:40 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Sep 2023 22:26:40 GMT

GET
H3 200 f54d2a48ca39c0d99ce16efa3def9021.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/ Frame 8DF3 611 B
639 B 23ms
21ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/f54d2a48ca39c0d99ce16efa3def9021.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e85de315e0c2fae3e137cded145db08b32c48ce3a96ccffc8f39d8cc9b3734a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 127365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 11:32:44 GMT
server: sffe
date: Sat, 10 Sep 2022 22:26:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Sep 2023 22:26:40 GMT

GET
H3 200 a9a3de58aa485fe4aa07759968e9abca.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/ Frame 8DF3 37 KB
37 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/a9a3de58aa485fe4aa07759968e9abca.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

190ac2dcf28454bf183ff11add68423e3b9bb1fc2a99e2ca7c70f89227f046ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 127365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37557
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 11:32:44 GMT
server: sffe
date: Sat, 10 Sep 2022 22:26:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Sep 2023 22:26:40 GMT

GET
H3 200 3619ebd6a5eb3d54648556a7b7717130.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/ Frame 8DF3 68 KB
68 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/3619ebd6a5eb3d54648556a7b7717130.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380b3838ab9ef33515285fdb148e64344db8907b3f455d4a0140d7aca21ac5e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 127365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69725
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 11:32:44 GMT
server: sffe
date: Sat, 10 Sep 2022 22:26:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Sep 2023 22:26:40 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8DF3 8 KB
8 KB 60ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&cb=1640015215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 397421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:25:44 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8DF3 8 KB
8 KB 60ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 397472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:24:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4961 0
0 51ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuID06fIcgpX2muxX29TUjy3xE59SwuZoCe_s67-kD27ovZcRnv5fzKyiagrOXyiHhLi-9lXC8_s0ftg8hPeG9yPbsvNV88E72f6uug2ntg34c9dtLDvZ2T_hm9697lZ8__EeaxDBmoDc2lFa-u8PLcdGoa6Bf2721zOwEginSa3ClEDekdKxNC-4mScGJIvacEMvJpP3p4uoADUT6-t3OFWdlzbiCJ8BksymWQmQMbP1iSwrAhCJMrFz3ZIFsCFrotycEOQ9-rS2xoZV4pBZ1pVbKIQYyZO5sMl9XMpu7-7kHdSlobrz7V593wpnoTHm6m-A&sai=AMfl-YTmyMYsHwg7RN-xYxmMbbrCi6ucAaSNF6rI2U7SeJbH6AVDKcvPGSh2daZxsqBr_Q0o5q0pP12e4F3o_ZaHkVSkJAOwHp-WCdTGiZfNipjVU-8SO_e-oioThXEWOA&sig=Cg0ArKJSzLbuTvMFt0jYEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 4961 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:27:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4961 141 KB
44 KB 296ms
294ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4961 0
0 26ms
24ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVxWNoq3EAMxpbIRGsDtyTXiBL2EBMS0fg8PEVLDJq2m82izCyzGZLEPM6FzbJqjydHErgEKX74f7E7GqHTsUcwIoX2w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 16653647834809933888
tpc.googlesyndication.com/simgad/ Frame 4961 132 KB
132 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16653647834809933888

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295395be0491744949c2b9cd1fd45424ed72796ce7cd8220ffab768d5ed9bd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:08:48 GMT
x-content-type-options: nosniff
age: 268837
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135136
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 21:34:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 07:08:48 GMT

GET
H3 200 container.html Show response
d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B4E 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: Tue, 12 Sep 2023 09:49:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8DF3 8 KB
8 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 23:09:49 GMT
x-content-type-options: nosniff
age: 556776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:09:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5543 0
0 51ms
50ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCZAf8hbFTXIRcIgcKhZua4S51aI0zK2X0RrKvQa663RSJU_NejFmMIcjOKizb7pGOPePGRyKibJI9CvOh3B7OPxMiypablpm3j0XSmxPZXQPpJykZPvHryUO73WV47UQwG5VJvlXZesVSZ6JmIDBRfrKeQtHqoYb9zwGYpowuIi9SGatvjZ4QVA-Y0iD3i0y3YI7tJPK01Q_lVo0VLvqRmEER9o7L_iyfJfbU_Kfh9Tmqc04SruEixbRds8c6s0ZJdZraM5nj4j6PexMRVXhhg5PS-lpQmYKvJ5Yl96DiV4jKSnkmxo8kOZo_xukbfKBqBg&sai=AMfl-YSHSSFpyRbwWEw7vcDpAEUHzUV597gUAl77CzbvSSqJtde-DjVMFUCGJSWD17Lm7vYqKXd4wcs9wPHFFKDrGz2_S7xB-JUw8xsPsSAo5PZ9bYlME8aGKiQayqvU4A&sig=Cg0ArKJSzLdvFjBvTIaUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 iframe_buster_200_260.js Show response
s0.2mdn.net/879366/ Frame 5543 76 KB
27 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/iframe_buster_200_260.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 20:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27697
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Sep 2022 20:04:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5543 141 KB
44 KB 275ms
274ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 container.html Show response
d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74DF 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: Tue, 12 Sep 2023 09:49:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1B4E 22 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 09:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Sep 2023 09:18:57 GMT

GET
H3 200 7274918930037886235
tpc.googlesyndication.com/simgad/ Frame 1B4E 258 KB
258 KB 16ms
16ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7274918930037886235?

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e7976f7795a81f10dce7829437edd10c61d19aa4be66438e63b56cc3ba80a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:38:56 GMT
x-content-type-options: nosniff
age: 629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264404
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 16:09:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 09:38:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B4E 141 KB
44 KB 210ms
209ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 92DD 624 B
297 B 53ms
53ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGvfRD5ipfOAxivnLvSATAB&v=APEucNXslmsJZKn-hDw2KP1ki16Yh0VFln-997DofOAdA7tisoN-oiqNeXuVajqYY5Wfx-H6slQ2uSC1EFk5Hp_Hre4kc8rqMcQwQAisR9MZMq0NZ-oot5KK81Sre0PUO_OPrTnROOxtjn7Fof5IDKKZo_77ojYyf4A8Nr1YsZTI8p9W4U7fp7A

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame C24F 23 KB
9 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 08:52:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame C24F 6 KB
3 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 18:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Sep 2022 18:23:22 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C24F 0
110 B 107ms
57ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQQmD6a5egFMAbQMgmhCZV184cKEeQfEloxcfNBHLQ17Skr0pNlgSqp_sktH_ry7oQx1WebJcO80IMeeWwrxLWqKkHwSI2Qi265HE8NxKpFDDKvVd6IGjGFVYJfeSGu-ToMwv9i4BuU7DxCWV2kJKIwa5TE-RYCN1nAS7Y3jmxDgpi6eU0ivBBkNMXwvoycnoJVQ1BYeEfY7jTmEA2UjHTVb7HLyU_n3U19Iq2seNzi5KcOTY84WZbgb13O0QwoREE0H38hUwfUIi2_hP177nW6WKuU1xVz4c7pw4wAGoO890D_3Z1Wg1nSXAclE-8YMnoNdUcvWswej3bGKFMGKtz2pJQhjxVDxxXn6GHgeEjrSeSeIAWLH0S1ZPDLahhNXQkDeMP-S0a2KU_BNBo0DfiOWmvOVqtOu6hAs3kOXKOvs4U5Dv4UKL_8BwmAqB7kzazYT9vwi6qVQfM96tq6bfIaU_PfSh3kMwHIKjQIb2s8cE3pxYcn_zSIFtpIdfcJqb0WSoVudTPpdpLQKVenClPsG2mQuwMp1HlRiwvfaxxfTPlOtMiCHUSTsTtTcgbymRRNQgPZQ06oTrvA4zJ8cPxz8gu0tIu0h8_t_6F8WXqZ23X9_nRhzkfhQ2vNMPKDDmRor1VG3NBRYUjcTMAiDpqeFPvN6xvr5_f_POFVc2QSdA9HDg3T-w3qlg5aqhXCmOr3PqyuXjjcB8Et0MWCNa_zq9FysFKsz-BI50ApJCHAifbnLsZUncpSUGvdpGyC9pRPsZ1nvpYHGd7aBrTqI6d3cPwVnMfvi3nVVW2TOaOw7flGvLGK9dxq24zmEITx-_CSbQ4SeCJcBjpMaABX_oka-LtXkKdl9BJnjBGd-kp3yDQqlwv1smcJXcZGpxhZL14PjDJd60B_A2nxlrtxgy5e0oBbMPWjZLJgfoDhweYsu2aPpxj9W6kOMsWs1BBwkxdO9GzizlDhXA9DZanhVrzx5W39n9HFaG7mqSMVYHcbn8lWsd-QcSwARCDopOMLwKQKxYuwllniIfi1NGapNz0NOJtTSmR3nlM6VlPGPZny7_N6XjmkdMLBFwHHzjd1Mr0AsZM8vhihIqNPMu2KAWofBFH9rGZLn7yP_D1kznbSvWi3f-qLMsA1DZ7twq_AxEt6yIxL1BAFv313q33pWdFWQ7IWBbncnBy82-54W39gd87UtjOXBxxDzWOD1YIK3DAFMdF-Do7IEBNkmp7VKM71qBi4LjFOYRukyk27bzLVW_npwCSkYhrG9k6Y6p8f7EBx43KmFGIXz683F9V7Q&sai=AMfl-YQYQxd9Ln7_QDbULmKM_vGBmCmBbhymrQkkSVh0vTIq84JWMc_4xejBT_VnEeLgFHLgrGU6crewvCl6MHpzRtspMy1ITI_ibgOx1NW14AgFiJ4yi4nEUoju25tOqymQfgrDAXD-9fA0lyCtiwEd2YeKhP17oQsR5FHt6aScV3E6mh4oX8Ybt8ufNeerspKAiWlMn0fjdE9NZqvVSw_--WPSAkMEaDrHdz8a09epRlXihicILW6mxoN_fWYEUho6KF9g8fvcfzHAccBhME4G7XvFXtxzeWSiV1gwydtPrysP&sig=Cg0ArKJSzFKfV-FIRYcbEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.78852&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 12 Sep 2022 09:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C24F 41 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 07:50:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame C24F 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:27:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame C24F 17 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:35:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C24F 141 KB
44 KB 197ms
195ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C24F 42 B
63 B 75ms
49ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsXFlkifjYGZjkHRbuQ6M3DWIAEaCQhmmPm5CDWXOWYKALRw2JzuZamOpGxkUMKgnei5Ixoa_1jPHd_TgzY3XVJ872P0PkROqh2J268dkaH1z1kFI

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1895779122057445378
s0.2mdn.net/simgad/ Frame C24F 22 KB
22 KB 15ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1895779122057445378

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a0d10e4575ed55e94aee103ae3871c3c55660136cd299a2da6290dd5d30df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 15:38:40 GMT
x-content-type-options: nosniff
age: 238245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22612
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 13:24:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 15:38:40 GMT

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame D67F 43 B
847 B 24ms
24ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=653392e5-2875-44ea-ab06-b866dfb95adb&expiration=1670838565
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba81ca3bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F96070AjKLcJ3NlOBCt79HB06c0bm0VKKhMr8hUt%2FKq2HgeR7gzP1%2Bco6koSEr5sbpza%2Bb2IzbqJvUt4%2Ba9yML1nZ4%2FSL2CBH0Fn7xpu%2BjNilrJm%2FaZyYIy2IKOXeoSMyPALHi6poXG%2FCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DF3 36 KB
16 KB 37ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 08:19:29 GMT

GET
H3 200 61634863_dd48023917ee7628fa39bb1583fb33f5_creative_def.js Show response
s0.2mdn.net/ads/richmedia/studio/creative/61615318/ 4 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/creative/61615318/61634863_dd48023917ee7628fa39bb1583fb33f5_creative_def.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d703212e12ffcc70403adaae7d72eae71928d44d1b6bf73575b3d455c1a6bb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1479
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 12:44:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 05:40:04 GMT

GET
H3 200 html_expanding_rendering_lib_200_260.js Show response
s0.2mdn.net/879366/ 200 KB
69 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_expanding_rendering_lib_200_260.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/iframe_buster_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46b0f3202b6ed3de261c7db6330ada35ebe706b9aa54266fbb843a727bbd0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70581
x-xss-protection: 0
last-modified: Wed, 31 Jul 2019 21:01:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 05:13:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B4E 0
0 50ms
50ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtiEUZD_qpnxOGBVF9RIkr0sYzDsqYd-3kDPue55RhVa97EvxSaEHh_3eiJ4TWivCa4VLGfE8DehjCsrVKcsxgwuL9efJ03ExexhmApa6-dt-an5wzL9FOFUQm5Cthe3rGThuRyLaLAbaRk7o-mI-iK3iVPBnNypuVQPZ5fYn0rwzJ9Z55QThUvmu2KdmiAd2UeSluplxedl21mWbMfwhU0NOlzMCUSLNOWBfoMRpQlG62cJyJVifgi1BlJE8MCsh-bT3ohMKbM_LqZGopJGMzwpvRXNVxx3aMjzd6Js0O3el1Q0mKIkdxItReuO1zGbLGQiEUjg&sai=AMfl-YQDc8AkofZd0ft93apukZkwKyQNwKrZl4KruKSO0S7vkB41hd3cvvc7p9W-lKuK7PsqrGvaMgnJZUjrUVZg32rHWowpYuH1a-Zm8kdTqUuCnyhB9JYT_apFUMSZhYw&sig=Cg0ArKJSzBsJrNtbbBGdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C24F 0
575 B 77ms
52ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 70F1 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 266308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:50:57 GMT
expires: Sat, 09 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 997A 1 KB
749 B 14ms
14ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 10:43:36 GMT
etag: 48472445140208031
expires: Mon, 12 Sep 2022 10:43:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C24F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5404b3e5ac4cfbf127ad547a7b32f48194a209f8eafbcf45fe3849b5126872b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/ Frame E8F3 78 KB
21 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=dx0fTz4gxv&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_expanding_rendering_lib_200_260.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8b9718d88d74d6f539ebdb4f72470461f941693421e6da6a205b422808523f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 21323
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:25 GMT
expires: Tue, 13 Sep 2022 09:49:25 GMT
last-modified: Thu, 05 Nov 2020 17:51:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 92DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1

43 B
844 B

28ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGvfRD5ipfOAxivnLvSATAB&v=APEucNXslmsJZKn-hDw2KP1ki16Yh0VFln-997DofOAdA7tisoN-oiqNeXuVajqYY5Wfx-H6slQ2uSC1EFk5Hp_Hre4kc8rqMcQwQAisR9MZMq0NZ-oot5KK81Sre0PUO_OPrTnROOxtjn7Fof5IDKKZo_77ojYyf4A8Nr1YsZTI8p9W4U7fp7A
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba8ee85bb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSaHNNEUUPxUF%2F2uEYquTAth75xYvlIvDGiAs2IjCO53tGtyfiTj1Z8Ne4Hj%2F9I56oNvhywpdeS9zabsB%2FPJig5De1q%2FfUG4hHt%2FijYdAYYxFwNqBqBAfVvSkjSWgoa0x0Y2m0QuHQOXLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 92DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1

43 B
843 B

39ms
38ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGvfRD5ipfOAxivnLvSATAB&v=APEucNXslmsJZKn-hDw2KP1ki16Yh0VFln-997DofOAdA7tisoN-oiqNeXuVajqYY5Wfx-H6slQ2uSC1EFk5Hp_Hre4kc8rqMcQwQAisR9MZMq0NZ-oot5KK81Sre0PUO_OPrTnROOxtjn7Fof5IDKKZo_77ojYyf4A8Nr1YsZTI8p9W4U7fp7A
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7497bba92eefbb8b-FRA
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZwltwv0ghNJIwNUjtgzOTt3oWv6q%2BV6PdVrsBSxa1Pg1QzZ6H0cJZ%2F1IbpHwjWhu1Bt4La57p82%2Bt4i49FoFATkUPDwW5hnh4WwgPeNKkP%2BYtryiCCfVFWwDOTv4mwjVgG404D5LsHaCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEKa7LRnoqIkxrDNYuefGo0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 92DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECSsEws91IkDJH5otPOXUlY&google_cver=1

43 B
1014 B

13ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECSsEws91IkDJH5otPOXUlY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGvfRD5ipfOAxivnLvSATAB&v=APEucNXslmsJZKn-hDw2KP1ki16Yh0VFln-997DofOAdA7tisoN-oiqNeXuVajqYY5Wfx-H6slQ2uSC1EFk5Hp_Hre4kc8rqMcQwQAisR9MZMq0NZ-oot5KK81Sre0PUO_OPrTnROOxtjn7Fof5IDKKZo_77ojYyf4A8Nr1YsZTI8p9W4U7fp7A

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d8737317-296b-4b9b-afea-61923fb7f743
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECSsEws91IkDJH5otPOXUlY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxNDc5MzczNjIwMzA1OTU1Ng%3D%3D

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxNDc5MzczNjIwMzA1OTU1Ng%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 78fea884-59b5-4b22-ad1a-d274c6365915
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMxNDc5MzczNjIwMzA1OTU1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 70F1 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 08:19:29 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame E8F3 110 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=dx0fTz4gxv&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=dx0fTz4gxv&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 08:22:06 GMT

GET /
google2waycm.netmng.com/cm/ Frame 997A 0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 997A 0
191 B 92ms
23ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGcM0P8Ha8l1VuXoDZoOF9k&google_cver=1&google_push=AehlK4Aflq9bSgbkcHhnBtxqdQBMfc3LJRo-cldlGLu2nnDWVNq9pFvj7PWLWczqrhwN2eVQbxl-GnSIaDrBsbZs4hQkvIgN_Ol7
Requested by: Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:24 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 997A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECHXjoBFfFj29qZIFXVuxM4&google_cver=1&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcR...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECHXjoBFfFj29qZIFXVuxM4&google_cver=1&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F&google_hm=-udWi0P8R9a390WEUAHnSA==

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F&google_hm=-udWi0P8R9a390WEUAHnSA==

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F&google_hm=-udWi0P8R9a390WEUAHnSA==
Date: Mon, 12 Sep 2022 09:49:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 997A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPiXlP2C-Kqpiut3KuExFok&google_cver=1&google_push=AehlK4CzpZzvWoQGhl0-y6txJ7i3-HHOEczyhpUSr7gqUvam7uZklXXmAnBI4k0WF5cj1cKG0W52gm3_rWqYunWOueAl2HH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzpZzvWoQGhl0-y6txJ7i3-HHOEczyhpUSr7gqUvam7uZklXXmAnBI4k0WF5cj1cKG0W52gm3_rWqYunWOueAl2HHToIGC&google_hm=NDMwMDY2ODA4Mjc3NTY4ND...

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzpZzvWoQGhl0-y6txJ7i3-HHOEczyhpUSr7gqUvam7uZklXXmAnBI4k0WF5cj1cKG0W52gm3_rWqYunWOueAl2HHToIGC&google_hm=NDMwMDY2ODA4Mjc3NTY4NDk%3D

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Sep 2022 09:49:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CzpZzvWoQGhl0-y6txJ7i3-HHOEczyhpUSr7gqUvam7uZklXXmAnBI4k0WF5cj1cKG0W52gm3_rWqYunWOueAl2HHToIGC&google_hm=NDMwMDY2ODA4Mjc3NTY4NDk%3D
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 997A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM5ygGGCCL27gEvf-tu8hwo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM5ygGGCCL27gEvf-tu8hwo&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&google_nid=index&google_push=AehlK4DVOFxfU7z_t09vtFFSJLBwFZvb_KpKN...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM5ygGGCCL27gEvf-tu8hwo&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&google_nid=index&google_push=AehlK4DVOFxfU7z_t09vtFFSJLBwFZvb_KpKNWVix7z7NZ9OTcuJ8cFGGZ7I3-4LOzgVds30xLhFn6P6F8LaNaoyGi9Gw6Z-VUNI

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8RigLDX8%2BIYVGBkCqC8pGHIKcqkMuviJFy43b5xYSs4so3MRCV4fSRaTL3qrHSAF1Vc6X%2ByG5crYv4a4MRIEu4EO1J8m4c3Ru6DQ6FdhnGtGRsIbo3384iFXXnDYxemsZp%2FU1PZBF%2BNRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM5ygGGCCL27gEvf-tu8hwo&google_hm=Yx8ApD2dW1ynZ5zixXFu2wAABI4AAAAB&google_nid=index&google_push=AehlK4DVOFxfU7z_t09vtFFSJLBwFZvb_KpKNWVix7z7NZ9OTcuJ8cFGGZ7I3-4LOzgVds30xLhFn6P6F8LaNaoyGi9Gw6Z-VUNI
cache-control: no-cache
cf-ray: 7497bba91a2d9c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 997A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOoK3Lq6FvtMmGQHyPQj1e8&google_cver=1&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3HsGhnM...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOoK3Lq6FvtMmGQHyPQj1e8&google_cver=1&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=74HrPtQ6TdWIUn64y80LMw&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=74HrPtQ6TdWIUn64y80LMw&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3HsGhnMTAedpx

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=74HrPtQ6TdWIUn64y80LMw&google_push=AehlK4AkuSLFv5Sn7jVMz0yhxhuNg8Aahp1DLwNZcxPSxGZyg_jPHl6g6L-urc_nxrtr0viy8qyBQTJY4Z-ewZQ3HsGhnMTAedpx
date: Mon, 12 Sep 2022 09:49:25 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 997A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDFVLxfoF3WzIVB-V6vD9Uw&google_cver=1&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6hp
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6h...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0ODA4MDQyMjQ5MTg2NjYwNDk0NA%3D%3D&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHI...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0ODA4MDQyMjQ5MTg2NjYwNDk0NA%3D%3D&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6hp

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0ODA4MDQyMjQ5MTg2NjYwNDk0NA%3D%3D&google_push=AehlK4BlUsTQTswEu0ZkOOKnAwAakDV6GgP0sKwTFq3qEnl17z_TOhHIGpc7Jeyket8god5cUOlNCigA6TWxvzXwpTHZ-8mZr6hp
date: Mon, 12 Sep 2022 09:49:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 997A 0
12 B 23ms
22ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsdTEHxzlkbYAEc8MW4vp80jbYWjFRjrC_nPEAsGDISBkPzdRWQWHzrK-mB50p1mP5GZ_2

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B93 0
0 51ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpk8MDNVXyzb5z_O3VzydqTuR1zujARJOqMncK7mrgMZlcOt__jdWRn9I_NWA_PjgaSWoXFg_M3rtYclW2RljQKU9ujW6biwtk_kt_B5tkUgzmydCeomLy-gpE6TEuUVz96Ir2h4H3fJOCJPTfklHp9-IwENBf3wHpwXtOBLWYmoeXQw1Cao62ev0ITjXMBx-Zosdtx0Rm2xWk8HbQ9b3t0TRzD64YjKqgbwGtxKuLLdw_Gu9EYjDnq6xk3X6KXm0K_RUXXlAQC-NOVdR2XdtJd1UmwzgMO4GzXp9IyJlGgCdMjAGS4qR2nFz_2D38c1tnmvuxJoHz1NVyGYsf_iAUzTbI63GNMIdIE8QsmZpJ97Np_9568VEasIA&sai=AMfl-YQoZseIjqGmJu8gZonYoNZK5aTMr3P3XTytQBYYeKZfr-mbFUcLfoOa2a4bxpal86UybiYlhTVK6pGMpZL3HdALpkerOZAFxx_Q4--5PnmCdEfcLWPz_R0Gxz3dWiA&sig=Cg0ArKJSzOb_kWjWdPoaEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9B93 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:27:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B93 141 KB
44 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 9360749518699349282
tpc.googlesyndication.com/simgad/ Frame 9B93 6 KB
6 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9360749518699349282

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02be4814af7695fbd75e69d7cf079fa60f013ffdeda2f0da49fdcca573fb99a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 07:01:42 GMT
x-content-type-options: nosniff
age: 10063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5719
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 12:46:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Sep 2023 07:01:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9B93 0
0 22ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD-2Sd6N8pUiIJ9hfBBoFPhzeHnJu-ZYopatG1-joLQEZHRHb6k0h6CL7_7SIb6ELg-5hrcLfiknKkWZi0zHGERm_eZg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 container.html Show response
d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A80 6 KB
3 KB 13ms
12ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:24 GMT
expires: Tue, 12 Sep 2023 09:49:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E8F3 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E8F3 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9B93 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 247929ba38d6d0ee26078d79609262f2cc4374e55702cb1902cbaad172b0e45c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 71BA 17 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:35:16 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 591A 0
741 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 586b541c-ac41-4d25-ad8b-e1bfa61c34bc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame ADC0 0
741 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ac19fa76-243f-4614-ae01-71f46be1c2c9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3786 0
741 B 13ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 463bcbe6-86cd-4841-bdf2-9282aef9759d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7608 0
741 B 29ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Sep 2022 09:49:25 GMT
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 222d028a-d59c-474b-ae26-c705af84a2bd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E8F3 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E8F3 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E8F3 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B4E 0
0 49ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM-ttnIHAZb37h5URxsMoGmFKw1-VUjbL95K3etNFbnVjfzB2i6_Y-sqEzb9eewhl-neuk328aAnAiGt6aJQs0DHnJ7UknQLKIpCikTlrOITdHUVx7RNAetCwhT_Wo9XzE9wVJ0zWIb2uZybGG95fuja42lm7t1ogbNexej8VbF2dOni7XPBgTclTcPuoslcXMMdy4X_zYXGexSZ4tLO8H5Y4Z4fDt9dpw5QXkqEeE2NbjXV5NNstlAGn6Y7ww2-zTeJDe3O6GpA5qB2i-N4ELct_JI8q9og1w9vPd53YdF-GDhGs9lGvQ12NqOusEnEaYhm3r2Tmz&sai=AMfl-YQlyirQ_ZIMzpT3FuzRGdb8BxvNRFGQN45q4ywRwSA6mCOJzM0Z40p_FRccGBzCq26fnVQ1hKHPT7QYrpHJiveNBw4Ys-K3JvQSWHFPMIKHoe3m0dYGy1ng1bjs29o&sig=Cg0ArKJSzN77G9nVjM_9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4961 0
0 49ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdPGOrb-mWwAz5YNInSgeWM1ZMvpYDxQ-DGrn7iSxWXFsiN8XBB9IljxaiqfgXt6kcDKsdrbJktKHJsQX3yCiQe5OyES80SWYuXKxZJZnJBfdfqynlvwmgsGRZZXgiO2FFBVQpE_AU1uWDqVDPXU4Bi1yKIOBQT0eTrSYv2vgU9E58o0LjtLX8VjNw7LfKhAVeSDRe9XO5whWoApqmmnWx0YcVO-zgq_ZkGLFzJrEhkqYFQH_3iRbPcOUrSv1ufCmdvXUdGImSl7aNBan_2tqJreis8Zmrq8Hvza7ZwBj-RSe_vnPZoA2wIWBBmJXgy5AASvJq&sai=AMfl-YQLp_pfgv5YHz7tgdBfcHHa5CzzadJR-Gdiif8Xg4DmLJ5VxOXN8geohF8gok1kCp9hXRyAdotQgKzC2atL2LJoOg4FOtW6For1g7B80X9J-3MuioIv4if9Vf47Qw&sig=Cg0ArKJSzOPyJ1uCKsN8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
DATA 200
OK truncated
/ Frame 4961 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7396da17c0378d87bd8b16432a5671dbc908d33ea9eff0f5637e06a5d2c0b5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5543 0
0 50ms
49ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF5TknsYyTJ3bMnd3gpMgj-nfu_4jO96NUEcfUup7Fdt9o0hKWmmz3ydXG0JNKyBETIExemhYgaliSUHETD8I8uIUOTJf0gmvRbEpsykxlAWhcx8VS8OEr131cB6NayO-uzwHibgb0iOD3fZpP6M1qlIDrV73_SQZqchPU1ZrbMQpwA1fj7Hsc45CUfsW90rmysifoo83fjGMCCvBNqb4zBrvcRiZU2JjUDojRHkE19tUyMf29La5k5MWmZv8Q2PfzYr8n5Xl9ygrEm0uA19RhELY3eviePL8pQzqzZCq2ep-yOjHktPDOsqxZstWmT-5INeXs&sai=AMfl-YQSHnRr9Qrd9YdITNzflpiZdAB7TfiTLW3uLJ2-Xf1IF6XO2-UP13475BKjKHC6a5Vdz8bZTFVZaFsLKN1nWKy_neZ56Mh50fnf-FQAE1_A2Uxs56-IT1KQIclmRg&sig=Cg0ArKJSzPRPZOk29n1IEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
336 B 148ms
64ms XHR
application/json 52.213.127.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f07f23b3443818230274c17ee7f1e38065895f94d37218b9f9f6579a443364d8

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
x-server: 10.45.27.249
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ 0
212 B 564ms
175ms XHR
text/plain 34.209.30.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kold.com
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 35ms
35ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 5072b1e7b0d89ecedbccf5b44e23dcba3a03ae194f1f251044377f1fa8398f39

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 12 Oct 2022 09:49:25 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 554D 190 KB
25 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 133177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25104
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 20:49:48 GMT
expires: Sun, 10 Sep 2023 20:49:48 GMT
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2A80 0
0 58ms
57ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEbtCpAAfY_v-PIXF-gbW9KvYB6am2P9qgMXFhZkPrPKkirwrEAEg-b_DI2CVyvmBlAegAYOklNACyAEJqQKGvsSd3diwPuACAKgDAcgDAqoEjwJP0KW5xqCtlBQwZ4Q-UKnztF7kpzesVhn45B1p7ZtLMHMy1SWgLEG-ypJqFEiO7N1zKFLXnan2Es5VM9PFIYlMAe0ytKrbHV_5y9XTvfiuWFmLbP5lB1IwMGmuQ1aYDENTmCsAHh24v4N_v35jJ4-oxGVpB8sHkqe_kZ0eWTEoZjOtYjxSiBOUfsWi1Q7c7hL1m-FIwJEd9haXNLHFoWzCEV07OwhA7arBoK47vqV6QWHClyk2wiKS_bne3hWAXMpPOJl3YQAwZcfJ8p0R4Wh8CN65DQXtr8dtRkmH0ddryI8lCMx8_C3ntEegoNW9Vi7TlZ_glve9iTdebqWHgyQil1cPY_MjyiGSpSSQIfgpwAT-3-Wj3wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH5dvrrwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_uTfSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0wODgzMTI2NzI1NzczMDI2GNmQHQ&sigh=aTVsMgt4Br8&uach_m=[UACH]
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCA3 143 B
163 B 16ms
14ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 09:39:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2A80 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:27:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2A80 17 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 09:35:16 GMT

GET
DATA 200
OK truncated
/ Frame 1B4E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf2fe28aaece32a02a9b4507a3751f5654f922c9f0fe7bff93a4bda9280a105

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B93 0
0 49ms
48ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1_FgOxLl0cU0UDO5zs7mmaxcvY-2-y1Xr-zMl4SxkO5h6EGwVrzTP-915EkPEMm6RMWJYwKU6uVkmi4ag-0li5jmkyIYkDPIo-PEcV5KJmRmaeJjZuzcsZwAeV0X-Wh11cgiToqkiJ8XJ9K5frlY1eI7BOsDu05uA26W_bEuQIHY13G4Ta1v4pjnvrOyQXaB6Kfy5X84ufTyyqInMGzDXGgWL6sOqvXYpmctR8lSgKjE4zLaTzyNBtExlFkLpJ0I8GR5qkqYBbakb3J6gPrxw5SM_ICmTiK96UxFLV_BhTVEqZbrfbS7MLJKTkT9yBp953tAnq8_Iw0KtkmhO9jC7DozUkHZ5nZTWrDd8a0f4BunEDECivuh2NXFRVA&sai=AMfl-YSBLw2cgblB2JDgB6m9R7DVdWSNKeUz3Lh1eTVhSsu7N6hOXIlUSopTyOwl-zmTzvDw8jiZT1Ybknhj3jgqsZfMpz2MGZkJV-xwQJPjXIqhIqydJ9GCldQdjLEMCoU&sig=Cg0ArKJSzLCt2-6JARqnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 12 Sep 2022 09:49:25 GMT

POST
H2 204 bulk Show response
trc.taboola.com/graytv-koldnews13/log/3/ 0
61 B 29ms
29ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220911-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 23
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662976166.506294,VS0,VE23
x-served-by: cache-fra19144-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/graytv-koldnews13/log/3/ 0
250 B 25ms
25ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-koldnews13/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220911-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662976166.507614,VS0,VE9
x-served-by: cache-fra19144-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.kold.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
755 B 7ms
6ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.kold.com
URL: https://www.kold.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 9156
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: JaB2VZccswddTqwJ7/mcediCDg0wFFInP8HOv6ivSWhba0pfTqAJTJNmShXPe3AZIWkTu7d0lpI=
x-served-by: cache-fra19144-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1662976166.511731,VS0,VE0
date: Mon, 12 Sep 2022 09:49:25 GMT
x-amz-request-id: DM4W3S4YY3F5F4G8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 18
x-cache-hits: 3288

GET
H3 204 l
www.google.com/ads/measurement/ Frame 71BA 0
0 21ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTC_iwsnFlh1DToAtbDyFeIY12kLhNcDkKBs098TZgKsmfJoQ-27JYFGkSkkMiADjSXk1tYmZzo_5rE9H0oR4ry4oJL2A
Requested by: Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 71BA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4e1b99e3fd7142a36b53c09e8a4ef10d4cb1d3ddab917fc3f8cd4766ad43fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 554D 2 KB
436 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed3bca384bfd98efd0857d80115eec06ba8aada62fe5c184f8c01ec9508344af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 09:49:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 09:49:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 554D 16 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 554D 26 KB
10 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Sep 2022 04:52:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2A80 0
0 25ms
22ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3i_pSuOlXK1Hpv_KocfNM86dtgfRWek-q5OoBZi9EK_DdF_WZYS4aiO8sHwvmtZzroQVSgBFspDRvKyXs_LXu3DmVMg
Requested by: Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A80 141 KB
44 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCA3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
25ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:25 GMT
expires: Mon, 12 Sep 2022 09:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A80 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aab33303443d3e3506b038f8610f6129fed5dd4f114d63d3da6e729d8462fac7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v27/ Frame 554D 29 KB
29 KB 45ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:700,regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 02:34:16 GMT
x-content-type-options: nosniff
age: 458109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29436
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 02:34:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70F1 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN-6cpAAfY525DsHJgAfbiKq4CQAAAAA4AeAEAg&bg=!eXqlej7NAAZTikH4c4o7ACkAdvg8WmR9UqC0vy-Q1336Gj2yexs1OxAjNDhJfY2TKi7Xb6ici2u90QIAAAERUgAAAAJoAQcKABiyBu2HE5-ufbEsNMO2M9qdKbAMA9txQgiZAzaWZ8Lwto70ojrNarTDSGF0JSpO5wnmBGs6d-IobqNfXwxC5OZZw5G-fNprtDZnM1ClTLunCzP6HMu19GJVNCM1mn99lvdEdqjaTxLk7StL3hrJroGVhtrmWdfZTFHRUGJUOAgbdI3TDvlZg5PH7TD3oWx8Q-KhgteT8U58aBFiimMPZ56dR3X-8bPBcIXcCwZ8YmfW3bBhjJDzCp0FbmAOGOtfpLOgrxhHF90MSkg1VnU8FQjmza-pglfzFkeZSziuf039ObyQyOCIZxt9RC7v6BVbK2dMM7f32waSTUaFzZxDDbmOTl7Je8hp679mxTv8ZmveID8rEU_oU90P4nOiWcdanTU-pwEptC5ooLz51qa3xd7w8bRRb3_cPJnKBpXqsqoQYWwxmf3xmocxFYb3ksc8MhpmedKfSZTIxUk6-IcdfxiPMEpitdTjTSOG9-QJbXeVgukXsq1SYOdMz9j_oWQpe-bZWGV6rj1MSwfLDhFn9rJRQ2ZFWC61jw5sxfVaOrUkT52v6ZYZogqreUJhRew0rNAuY_ToCzYRp31qj4Uc0qdRW7y3SX4Cg_bA6TKjmMaX_nzwDostP0MIrexFHtuHxaPyfbCvPB_5l7XDjHVoFTXc1n71sn166MR2BhbcA5tuS7ZdRJYJPRuIboQ5FU-3l6VpSqMFWlCiRPdGujMCiJz5vitkCJ9jGC-gAB2xL76zQdwOnmF7X3EfeMlpibTPNBmTKRN2xmr-7d0nJ0lDMbjUZV18RS90ZD9LGyqFBvLrvvKcp729T-MFrtwzvIdf2CYQ5R4jFdxqf_lt1xzWDgljF1vRzBGLddesWcGJ7z-LM41FEMTUYEL28Nth5DozTMRkAsZm49rCpH_jqVuguVNdE0M2zXGYulWzo8rZkru7PUdiFShzu0PJKt2gzr6kyQnnwM7Sy7TND5AW6Hyhm7YZfTxpgZzIzyJvcn40TRq_XDvjkcQEE15STQ0jnV4A90bJYZgjo3Dar4ZoeWPI4UiK5-8ShwVUsv5aN7mkdDkbZYErzhAjCEXCxSpOCRyHR1klXu8wZpkUd4gcYbML4g9VOKuY25YIZshHMGjMImlC3D4

Requested by

Host: www.kold.com
URL: https://www.kold.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 91ms
62ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7011c067fa09c4dda2f1d28bc30640aadf146c7b6cbd317a928426db62d5a277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11200
x-xss-protection: 0

GET
H3 200 970x90.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/ Frame E8F3 87 KB
87 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/970x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee1d727cb89b739a9ed11ffaac0cf86f49c719749320168b04e9e29695e3077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61615318/20201105095121818/index.html?e=69&leftOffset=0&topOffset=0&c=dx0fTz4gxv&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 05:40:08 GMT
x-content-type-options: nosniff
age: 14957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88667
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 17:51:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 05:40:08 GMT

GET
H3 200 logo_augletics_small.JPG
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 554D 8 KB
8 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/logo_augletics_small.JPG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 173339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Sat, 10 Sep 2022 09:40:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Sep 2023 09:40:26 GMT

GET
H3 200 AUGLETICS-Eight.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 554D 46 KB
46 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 242146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47346
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 09 Sep 2022 14:33:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 14:33:39 GMT

GET
H3 200 AUGLETICS-Eight2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 554D 45 KB
45 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 242332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46135
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 09 Sep 2022 14:30:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 14:30:33 GMT

GET
H3 200 augletics_eight_small.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame 554D 28 KB
28 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/augletics_eight_small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 242146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28813
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 09 Sep 2022 14:33:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 14:33:39 GMT

POST
H2 204 /
684dd331.akstat.io/ 0
200 B 125ms
70ms Ping
image/gif 2a02:26f0:ea:4ba::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd331.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RZPXH-ZJA7Z-AV7SP-HJFRS-6KRNV

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:ea:4ba::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:25 GMT
content-type: image/gif
access-control-allow-origin: https://www.kold.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 09:49:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31AD 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:32:53 GMT
expires: Tue, 12 Sep 2023 09:32:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 198B 783 B
534 B 25ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37ac3757cfa2939059aea3a44eab79e1c7ae6a0c58ac6622f0f08e2cfc4f88da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hQuath6IjxmDoPM9NFowDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hQuath6IjxmDoPM9NFowDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 09:49:25 GMT
expires: Mon, 12 Sep 2022 09:49:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 31AD 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Sep 2023 22:10:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 198B 0
0 47ms
46ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=1972122745310307&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1

200
OK

results.txt Show response
eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p3xubp9z9
https://eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

129ms
17ms

XHR
text/plain

2.18.79.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.18.79.143 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 09:49:26 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Mon, 12 Sep 2022 09:49:25 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p3xubp9z9
https://fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

163ms
6ms

XHR
text/plain

2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 09:49:26 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net/eum/results.txt
Date: Mon, 12 Sep 2022 09:49:26 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 31AD 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N8n8XA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
180 B 99ms
21ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 101ms
23ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 101ms
24ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 102ms
25ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 101ms
24ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 102ms
25ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
92 B 102ms
26ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.kold.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=1972122745310307&bg=!a2ilaCzNAAZTikH4c4o7ACkAdvg8WqkC4CwzW5X5lX8umGgNw4f0bRwD1u-GXMo4u_8_0ej2-KNcNQIAAABDUgAAAANoAQeZAuFv3pNoCkWY0ehy1ChToe7mP3A8A9jpXFLDwp2G_FFWjHiYnYrBEcZ1phqBRUgdoxLqrf9ZLzfhy3JISREwHXuqW6U6M532QeEzIlwCQmW_j-2ytMmsxyPY_u-YPikJndZkTDDmswBmDiNz58y0XpO-5Im0Em05WFElD_gJeUtOJHAANU-z-DSXptyLP2AO1AwWuLr9CI4X1Aoqii4LUAKdyNrYzSH74vQZTRqmcnwpqplalp20z6rribVVrMOQAQsFRDSGCN5RjzYgYwjO-LHnmHFzYl8tkMxGABoUfKT5vW_70vEXQiKha1kfCyJHYLFgBd45iuzeMv5RWEyucRGY5KjSIox2H-v3zsc4ZE7p2QesgyDYQfjPhZhf-sYLrFr_B0KZdEKgZEZEX1EJOy7NtAgmCkCFuoIah_RRHfJqw4F7mVs_LUMVR1RWj9Q010WAMmnoN4JlEYIbQosQVwd_WIZvCOUZ15mD_VvzBG8pZa8Nvd5rdFYhARMkpnIK9xEgbZQgRiUXiP_AIedmC_ZXkmb7E8ux3Lch8Q0Ehx55wkRlekEy6vJqd1gIDm3PFAM674-oKcuRGgm-TxaB0gRxf-IbVsIo4i3vitQvWht53wH4YWt6-zpys9QKsHqLM7ISwFjnDy-g-APyxFgWu9awEx3ljqk1CBtalL7lUeAs4heubLK3h0fI1946itJ01BatSkzMdHgkLWl86zHZnlwkEj8LVXadvqMuFl3rwRRyd1g35vMka4LjtXsYwf3_SViQwwqWNeRQHZEnQNCHEUNq5M9ZJ90oLA5bsNCocUbAQ1DjEgJaNr1lDb6QEImzUZCP6INm3N6yzSTmq4KsWE9mB2Zhy4Xbx3ZgzdZNa3KCUtzevzyDbyewA4sCMVYxqjpBOPyqgzxmeX5fg8YDkU3_tYxR_ap0_R2_UIT1RQHixRVS6g2EZJIlouTcPgh-fhBMw6nnZRyXe8yX1w2PnvOwYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4961 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst77eSaSIeVf9EYhF6bxjX9p3AORJHPFMBDsHFUAvY0lgb5COmQqMOi9OgNrLVM4ItsAufDZLCsZTE1cuxjMbYpJ6HcTNHMB1aJj5QuwQC2VNRCDUva&sig=Cg0ArKJSzG7b5V64_S4wEAE&id=lidar2&mcvt=1000&p=629,1135,1229,1435&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=0.95&vu=1&app=0&itpl=3&adk=1478034852&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662976165024&rpt=419&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B4E 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv83LXyDY5tyLf48iT9P8_l5xM4C3N83MIPvk8b3kwyrL5_ZxTHEp8d1Z6H7kmjj65E00HtDJ-1mz7txPqQJSVxw7AnGloPTYSE2pFQz1_PLgFPYsVO1Ea_1uyzloN8RVTrB5_gq1nFuC2Zl8-oRfUsOrch4js_qqLzsdVUcUEAXO7IgayrPUFu93wtVAdY0ftlOeakSUGu1dqsOzmcGHsYEZDEoSLW7XR3jZPAo46iTWZhlnny9KmMPPyTyF-MZsgFSsIcAEbmcZ3qELT-gYUN68rporgO02wvnJiY-Jpu2pTe941-ohpCHjBZtQcHGxX7gs2qQhfwKBwC&sai=AMfl-YRmZfGN_T8BRkPVVkf2MI6Fhqiy_0B2bB9QASd1UCO487Qh2sb2eWwQaU8DP9YjqeT59i2fpWoeF_49wUu-urHLmgNDTgWrFxwjPSh3PNDW7Aul4SNYysCjf-didao&sig=Cg0ArKJSzASU8loY6ozKEAE&id=lidar2&mcvt=1002&p=186,-150,1386,1750&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=19&adk=3810531413&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662976165038&rpt=368&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C24F 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSLg1nYrUH80Jvbz_rb9SFpvQgoRs0znMt6d9QTAm7gwiZsEgwRquihjk5y_dznH5bm62m4EtLt91BHSXXdtW-oXb_esu9y-das4C3Gat38vHXlbY9irPlYKzKQDqnGQJW9QsqBA&sai=AMfl-YSolBPjpxHbfScI9DfjtVwU22lEKGMqs50fa8_6qlico0eIXYGMh9Z_NE0keM2hsBpF1VukPuArxtpsorF_Tavr7gcARqxThs0x_4qwGiE_OdfXnYK0wfoENp6H&sig=Cg0ArKJSzGJKppcuvhLtEAE&cid=CAASJeRojdKdEPFT7W-oCWdO0fjEkGpCniEudiL6abIVfLy4Kx0_0EI&id=lidar2&mcvt=1004&p=1109,288,1199,1016&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1014892926&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662976165112&rpt=304&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220911-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 173
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: F8fWGFzrdVWhLupDq29v1CrVWyVHDJ9VY+NHsCa4kuz5A8ARCJsgs4Rw523OOwMbXHN72uV0Dsg=
x-served-by: cache-fra19144-FRA
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1662976166.442884,VS0,VE0
date: Mon, 12 Sep 2022 09:49:26 GMT
vary: Accept-Encoding
x-amz-request-id: ESE4FK737266DTMR
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 489

GET
H2 200 / Show response
pips.taboola.com/ 64 B
238 B 35ms
6ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: f76be8aeae1d8dfd158c47335ed63dc38df393e4e4d0d227bb94962cdbabbede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:26 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19142-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.kold.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 359ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=1bf49b19-f2c2-4292-80b2-b5c1922da1ef-tucta188623&uad=c88b840f447f11dd645c51a5e9f381774f4c89becd41b0e094b005faac64b4b8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Sep 2022 09:49:26 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B93 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJXfORkTeVeiQNnd9xMydY0cw8zT4A_pIY5Df7SlGB0TMsrbeWAAzuA4vllnN66GUwE-gCaydX6TOUtnfGgIAKhfKcM1-63-s-Wg0pJrfqYYYdxRTC&sig=Cg0ArKJSzDAGfH96gsl2EAE&id=lidar2&mcvt=1000&p=519,1135,569,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1640516046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662976165325&rpt=173&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A80 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-V8IqohavTTN49T8PsiDnUo8UZINzoXn0MeKVdIfmn-gWSWoBnVhiHPF8C43bgNZyfQ-R5XGMO6STbFT3-G7eIA021R7Oa_U_8d7TeiRC6JCZUb7qkXl_d5I3_a_mhbRmex4fHA&sai=AMfl-YRegZpDsOjDfH8Y8j5fHhSkHaR5lXUbQz_Mih1GGIt-kAZc3DBcFhxXFZfgAj56HHDcnKxyQwmo9LPFjbdCYyZP6fyDSnGhkRZGSMy7CiLNd0Nxktdf3sYrVRk&sig=Cg0ArKJSzK7IG8cWbzv1EAE&cid=CAASF-RoEgMHyULN6nHUd5bbkIQMFOBf9UJV&id=lidar2&mcvt=1000&p=798,278,888,1006&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=269316136&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662976165336&rpt=262&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 09:49:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
263 B 9ms
9ms Image
image/gif 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1662976168221&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20105.0.5195.102&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1662976163218&ns_ts=1662976163218&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1662976163218&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.kold.com%2F&c8=Home&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 09:49:28 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: rvRGw1PH2MDG2ZHsfpDskHt2_89gJSFkGkYaeDmtsYo2fThxCm0YEw==
x-cache: Miss from cloudfront
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEB6ElhmmhlqOOI86x7nKb7Y&google_cver=1&google_push=AehlK4DQSFS0jUoghY09ofkjcqc-D7r5S9GpIupaR54BqMyB5kEGSm4o7YhxEIznpbrx6SGncrPEzcQKH-HYEDQ2Z6x-TBuMsViT

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.piano.io/	1970-01-20 05:56:17	Name: __cf_bm Value: _.kB2L2LjXmIxjb734MbV_szq5vzLhem7Q_hXZc5dT8-1662976163-0-AeNoN36/WrqfHTdsycrRRlIjo0HPi5rBOR/FrCNLlhFgS4abVW5xXN8ZVdX6jbigbv03lr4LBkMHtUolBEZ5hYY=
www.kold.com/	1970-01-20 06:39:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kold.com/	1970-01-20 05:57:42	Name: _gid Value: GA1.2.1818732705.1662976164
.kold.com/	1970-01-20 05:56:16	Name: _gat_RMD Value: 1
.kold.com/	1970-01-20 05:56:16	Name: _gat_UA-154518538-42 Value: 1
.kold.com/	1970-01-20 15:32:16	Name: _ga_RN7RQJ27EZ Value: GS1.1.1662976163.1.0.1662976163.0.0.0
.simpli.fi/	1970-01-20 14:43:18	Name: suid Value: C7F9402CE5A94A54BD68696CD5F62222
www.kold.com/	1970-01-20 15:17:52	Name: cto_bidid Value: J6Fiul9UdHpwSHNLZjMlMkJwdXBCNFFkSjRtQlNPOUhGenJjRmZYMVMlMkZ5YzhZMDlwOEglMkY1TnF6ellzMmk5MzNXT1RMdE54N2ZGVEVrJTJGZGw5QTJ3djN0cklrQmlnJTNEJTNE
www.kold.com/	1970-01-20 15:17:52	Name: cto_bundle Value: 2ukeml9rdE9zbCUyRks4N29qd09ld2ppUGRyandHQlFZaHRSU25sSElhcFVyeVl3NjlxWFM4OXlEbWxRY3VPJTJCb2MxZmI4WVJPZTJYRzZDN2RieiUyQkg5cHV0b1hDMGFmZGR2SGlCeDBtc05DQ0JqTEJPbmJTWkRMQjlRVWRnWW1GY1RZZ2NBJTJG
.kold.com/	1970-01-20 14:41:52	Name: usprivacy Value: 1---
.kold.com/	1970-01-20 15:25:04	Name: _cb Value: NPChVCD4McKB8GUzN
.kold.com/	1970-01-20 15:25:04	Name: _chartbeat2 Value: .1662976163730.1662976163730.1.CY5lR-BtY9OBMqBitDnu6JfCrLtZ9.1
.kold.com/	1970-01-20 05:56:17	Name: _cb_svref Value: null
.kold.com/	1970-01-20 15:32:16	Name: _awl Value: 2.1662976164.0.5-c7e444fb682124770b35eeb7211f15e8-6763652d6575726f70652d7765737431-0
.adnxs.com/	1970-01-20 08:05:52	Name: icu Value: ChkIuZaEARAKGAIgAigCMKSB_JgGOAJAAkgCEKSB_JgGGAE.
.adnxs.com/	1970-01-20 08:05:52	Name: uuid2 Value: 7314793736203059556
www.kold.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1662976164338%2C%22visitNumber%22%3A1%7D
www.kold.com/	1970-01-20 14:41:52	Name: pnespsdk_visitor Value: e2nkvo5ofagufwmz
.kold.com/	1970-01-20 15:32:16	Name: _ga Value: GA1.2.158068861.1662976164
.kold.com/	1970-01-20 05:56:16	Name: _gat Value: 1
www.kold.com/	1970-01-20 14:41:52	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D1bf49b19-f2c2-4292-80b2-b5c1922da1ef-tucta188623
.casalemedia.com/	1970-01-20 08:05:52	Name: CMPS Value: 1147
.casalemedia.com/	1970-01-20 05:57:42	Name: CMST Value: Yx8ApGMfAKQA
.casalemedia.com/	1970-01-20 14:41:52	Name: CMID Value: Yx8ApD2dW1ynZ5zixXFu2wAA
.casalemedia.com/	1970-01-20 08:05:52	Name: CMPRO Value: 1166
.casalemedia.com/	1970-01-20 14:41:52	Name: CMRUM3 Value: f1631f00a405a0&11631f00a405a0&27631f00a40b40&e6631f00a42760&bf631f00a405a0&2f631f00a405a0&1f631f00a405a00&2d631f00a405a0
.owneriq.net/	1970-01-20 15:32:16	Name: si Value: Q7162625641584285434
.owneriq.net/	1970-01-20 06:10:40	Name: p2 Value: cc
.w55c.net/	1970-01-20 15:25:04	Name: wfivefivec Value: KuYHonT91OxG4c5
.w55c.net/	1970-01-20 06:39:28	Name: matchcasale Value: 5
.brand-display.com/	1970-01-20 15:32:16	Name: _knxq_ Value: 4f670fed-8269-21aa-2947beea.1662976164.0.1662976164.1662976164
.yahoo.com/	1970-01-20 14:42:13	Name: A3 Value: d=AQABBKQAH2MCEDmGX5QtrVtacqByLBLZpuEFEgEBAQFSIGMoYwAAAAAA_eMAAA&S=AQAAAiIAvjK-2dZzSU5bs6EAde8
.company-target.com/	1970-01-20 15:32:16	Name: tuuid Value: 63c299a8-6e7d-4c5b-a9be-94c666002e91
.company-target.com/	1970-01-20 15:32:16	Name: tuuid_lu Value: 1662976164
.eqads.com/	1970-01-20 08:07:18	Name: EQUser Value: UID=653392e5-2875-44ea-ab06-b866dfb95adb
.doubleclick.net/	1970-01-20 05:56:19	Name: DSID Value: NO_DATA
.bidswitch.net/	1970-01-20 14:41:52	Name: tuuid Value: fae7568b-43fc-47d6-b7f7-45845001e748
.bidswitch.net/	1970-01-20 14:41:52	Name: c Value: 1662976165
.bidswitch.net/	1970-01-20 14:41:52	Name: tuuid_lu Value: 1662976165
.doubleclick.net/	1970-01-20 15:17:52	Name: IDE Value: AHWqTUkUax27-FV2NjLHCoYLfBEyneNlyyGMbN9C9BWfMjKByRJjbcQGhnDDWqENID8
.bidswitch.net/	1970-01-20 05:56:16	Name: google_push Value: AehlK4CUaQ99NX0mOXHZRqmTGrNcETX662XmwyGuTV_FMh_MbpDSjnqDIQ29ly9qFLlPZ-L6ImxcEsuuPKF8az4D1hcRlUncTw3F
.adnxs.com/	1970-01-20 08:05:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?#q/U::!@wnfH8K6pQK`!5=E<L5?%KBaGj7'k`E/(lZvDV4vy@S8=du6?MJ8!X/HK]%nugO%v4VB%nnI6+LwR
.kold.com/	1970-01-20 15:17:52	Name: __gads Value: ID=423971f9b3a1d8dd:T=1662976164:S=ALNI_MZrhDXN6yj7iVSTNCa7_KuGgVsl7Q
.casalemedia.com/	1970-01-20 08:05:52	Name: CMTS Value: 5157
.3lift.com/	1970-01-20 08:05:52	Name: tluid Value: 4648080422491866604944
.360yield.com/	1970-01-20 08:05:52	Name: tuuid Value: ef81eb3e-d43a-4dd5-8852-7eb8cbcd0b33
.360yield.com/	1970-01-20 08:05:52	Name: tuuid_lu Value: 1662976165
www.kold.com/	1970-01-20 05:56:19	Name: _lr_retry_request Value: true
www.kold.com/	1970-01-20 06:39:28	Name: _lr_env_src_ats Value: false
www.kold.com/	1970-01-20 07:22:40	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-12T09%3A49%3A25%22%7D
.kold.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1663062565567
www.kold.com/	1970-01-20 10:15:28	Name: _pubcid Value: %7B%7D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security	error	URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4230165074078699441/index.html".
other	warning	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4230165074078699441/index.html#t=7522162442507891332&p=https%3A%2F%2Fd8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com Message: <link rel=preload> has an invalid `href` value
security	error	URL: https://d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/164903383637950464/index.html".
javascript	error	URL: https://www.kold.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.kold.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd331.akstat.io
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-esp.piano.io
api.rlcdn.com
b1sync.zemanta.com
c.go-mpulse.net
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cdnmetv.metv.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
d.adroll.com
d8504652e92454b48cb2df2741696bb1.safeframe.googlesyndication.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu5dv6accjhy6yy7acsq-p3xubp-465355dbd-clientnsv4-s.akamaihd.net
fiaazgbagcqaikqce3ydkaaaczrr6afg-p3xubp-a5927c5ed-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gray-kold-prod.cdn.arcpublishing.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
image6.pubmatic.com
images.taboola.com
js-sec.indexww.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
nep.advangelists.com
operationchicken.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
px.owneriq.net
r.casalemedia.com
reconditerespect.com
region1.google-analytics.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
staticcdn.metv.com
stats.g.doubleclick.net
sync.extend.tv
t.pubmatic.com
tag.simpli.fi
tpc.googlesyndication.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
um2.eqads.com
use.fontawesome.com
webpubcontent.raycommedia.com
www.burst.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kold.com
www.metv.com
www.queryly.com
www.tucsonnewsnow.com
x.bidswitch.net
api.rlcdn.com
google2waycm.netmng.com
104.18.18.126
104.18.19.126
13.248.245.213
13.32.121.37
141.226.224.32
142.250.184.226
142.250.185.66
142.250.186.162
142.250.186.66
151.101.1.44
169.197.150.7
169.50.137.176
178.250.2.146
184.51.9.18
184.51.9.34
184.51.9.98
185.64.189.226
185.89.210.90
185.89.211.132
198.47.127.19
198.47.127.22
2.18.79.143
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1a
209.54.182.161
23.36.162.26
23.75.246.168
2400:52e0:1e00::601:1
2400:52e0:1e00::864:1
2600:1901:0:3b3e::1
2600:1901:0:ccb0::1
2600:9000:2190:fc00:8:48e:53c0:93a1
2600:9000:223c:e400:18:1fcd:351:7bc1
2606:4700:20::ac43:497c
2606:4700:3033::6815:3f36
2606:4700::6810:f015
2606:4700::6811:180e
2606:4700::6812:c4c
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:809::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:26f0:10e::5435:a1e8
2a02:26f0:11a::5f65:1731
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:dc:2b0::11a6
2a02:26f0:ea:4ba::11a6
2a04:4e42:200::282
2a04:4e42:200::714
2a04:4e42:600::300
2a05:d018:d29:3602:907b:7a9f:e2d8:a678
3.67.157.21
34.111.151.213
34.199.163.65
34.203.21.169
34.209.30.241
34.236.72.34
34.96.71.22
50.31.142.63
52.19.197.203
52.213.127.205
52.216.110.21
52.222.214.127
52.223.40.198
52.29.20.174
52.30.247.235
52.50.89.178
52.59.78.133
52.73.204.82
54.237.24.134
66.155.71.150
00a521082c63ab23b9e2fececbfa7436e1d261e4369b39477eaaed89510a031e
0123b68651830a2433646d068171fef24441fdf9e3cbb5947d038711970098bb
02be4814af7695fbd75e69d7cf079fa60f013ffdeda2f0da49fdcca573fb99a7
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc2c7b7a806dc41008767b294d7f15ed50a9f479a5d62ab4f6a897133ba7c62
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c1ae6c99f2f4dd96a622ba3dd3e03241b9969384f4b161a259f24e2c4375f98
0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140a59e23e17fb2db96ca2d46ab94e56495a813717ff6bfaf6bf6557f308baae
165bacc6e65f97f8e5fb7ace22021abc3f567c5e2b109a7c3655fc82a8129237
16e7976f7795a81f10dce7829437edd10c61d19aa4be66438e63b56cc3ba80a6
17c6e0700b1251b6efa0f458b28499fceed4feb244f38449229711df59c50442
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18fe82137ef7699d9b14a6acb2b8eb1d45656cee2cb4045022ffccc44ab96f45
190ac2dcf28454bf183ff11add68423e3b9bb1fc2a99e2ca7c70f89227f046ee
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1cb9e32ad9fce79b2e64465148a49f922925714bd4d7cdce657ae59b4e3eaa69
1eebd9b534789cac87e633c079a65d1557c4226f5a831e1ab17ad33e793769f8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
247929ba38d6d0ee26078d79609262f2cc4374e55702cb1902cbaad172b0e45c
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
2552e1825bf522ebd1c3df634701a5e9ee49ad261924272bdb10a29d6efcab22
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
284ccab0f59271a686d33533d7bf2b826aafc3a242a26972987b224bdebf4b95
295395be0491744949c2b9cd1fd45424ed72796ce7cd8220ffab768d5ed9bd52
2a6ac1d7f22c8c8051a75e50dfd88af48eeccf5c6fc47e422486decc372c82f5
2aebcf08c1c9fb7a9c1ac23c9813e0f70b6a083a7b1a0f2c42bf186168740d88
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2bfe07371d5c4357bb979bc5ce79cca42212544f560700438826dd0a87d12cbc
2c280f4460dd82e94094fbaf0069ed0217d5d2778d57d3eefaf0d0e6e83f4905
2d3989504c349c740bf360831b0cb07127fe9683f8c5405e6dc90423c77228aa
2e99c500c3f6b50f034bf778fc2f26fdbbf7857ec61e0e72ba5b02db859946aa
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
32dcf5771c75952b333f65d45ecec9fc2413f5f5930bf90a98ecad99215b6002
339437c6a5c2522973d4eeb5be0ccc1c8c911129ac100f84bf10e26c2efd2486
341a2377564d2faa417d392ba5472e6012f6705d7e7e22b1c614bffb5ec28110
37ac3757cfa2939059aea3a44eab79e1c7ae6a0c58ac6622f0f08e2cfc4f88da
380b3838ab9ef33515285fdb148e64344db8907b3f455d4a0140d7aca21ac5e1
3876ba4e584b168e9730dc7eb5279b726799576bd9fec2f063024871bb0d238d
3b7675852c0032c68d5346a141437b47b3206d2dcb964b6242590bd859d08738
3c0eebb084c60d188b19d7e2935a28c04176877b741abddbde9b5b2c061a4f1a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
41d8a10369afc87eff7bd6affde2e89295bff7dfefcc031c6ee80048f047f50d
42ce5aa7a6eb57080cdcd4fe8ef25af848b8f816d8fe9aff2411bbaccead0339
42fb0d9ab007dc9861b57c78de8998989f9e9fe4308ff214ce2d658162998a87
44a9fefe408b6b8e1aa82c1f0b23c7774441fb4212a41ab3c10eb8dee743f1be
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4995efa69f4ecbfe4a7187e5acdb2a1131610b2b1d1f7375f05725366e4db51a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640
5042196ed1d2e7b16e5568c99ee575076d0a7a2cdfa9f8247ecb358875cc0f5a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5072b1e7b0d89ecedbccf5b44e23dcba3a03ae194f1f251044377f1fa8398f39
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
514e7290606e221930c562ddacfefc9d20edc99a7d8be0fa2ff1e63c181c89e6
538d776381644cbd48429b0b8c715e2841e5a40bc8474b09cfbc4ec095977a43
5404b3e5ac4cfbf127ad547a7b32f48194a209f8eafbcf45fe3849b5126872b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5680a747dd348b317409133b28002a66541c5c2df480a13129921ecf91ce8eaa
57ce55eb83c1b40918eca0c53260d182517525964c4ca0fc90b758011061654a
592fca6aecee214be9552f911b202f4272ec971f82bda483034f5dc53d0c6292
5933e29782692f88bb14f1380e0184d41c703c6e981109d5f587d6ee30c13d9b
59a04622f5e99182b3c574ab7dcd71ec7584783ed2cbf05d437e72080a261105
5a2d7a85ae162c3b93021eb822862af0f54ad62f089ded854d0e0095e13c5f06
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fc3956fe25a8595bf13157d59baccfe50dfbf1eaa0609488bcf6ca4893dfe02
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6129f529e83bcadb6684660b2ebd6d61ae7e6aaa8269d353bc55f90f96f912b1
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66fab282a68497eef53dc56860657890e81b9241329eed9949fdf10c7f6f2cd1
685c97eb228678ea23b37ffc41ad2de583cff3f41f8e9029318d33d87cd8accd
68fb0bd2ca7e319ed2dbb4150b02fd2b83e17a79fe7df918a6c4f854ac7849c4
6a319df64e48678808e2977be66c9b3ab98e69b6e25c54b7ef5117f648304ee0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5e8ca9feac64706168b8a9cedc672fb81acb5f6f10db301525b93b1638edcf
6ee1d727cb89b739a9ed11ffaac0cf86f49c719749320168b04e9e29695e3077
7011c067fa09c4dda2f1d28bc30640aadf146c7b6cbd317a928426db62d5a277
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000
7350011b132f55260e54d76fe09d3e63238a42c0922bb170d24359f395c5985c
7396da17c0378d87bd8b16432a5671dbc908d33ea9eff0f5637e06a5d2c0b5d4
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7952e2d4bae54a88c4c6364625d8dfefc7b3e7fee7abbf6be45d92386d15fcf1
7bbc3068f2bde3ba4f55bc8a2e25fde7f1b474dacfd1aa3f94da90ddb97430f2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fd3f387282cb6c60656f5a173ed9915bee37c32982c94448a5b769f5c64c10c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84724d98b07d0b16ee81863c6f0e5ffa451bb811e74d30112c20116fda003142
863fa63ab480f689de07b75730f9e729c6806e5184598b655bb259c458ebb947
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b708a36f9e96f299cdce90a1db49298d24d13869e3fd22a3069ad75493b40ab
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d945fcdf89826a862cfddd54d16921d921fcf8ba2567c95e9603aa7fdb2664e
8dfe130ac55b5ba30fb68b19eff9c3d12e2ee471baaf931cbfdff060ae81a086
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8fc4fdf13550c5988f2958c0c8f10fc56e0bdb9b436e5240b16b0c28eb0387dc
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95211240f9dab3df6a9a0c3b2449b34328b9660a007e8dd55fec62ffda426f8a
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a6d18e5efda6ffec1833f73274a8b01bc202709869bf6c4f805c872ca89af91
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0fb37f4b2b417d4b7a83a487b180dac8d823727f48401b40e31f8f5cf4fc491
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aab33303443d3e3506b038f8610f6129fed5dd4f114d63d3da6e729d8462fac7
adf2fe28aaece32a02a9b4507a3751f5654f922c9f0fe7bff93a4bda9280a105
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29843e0137723ee093569bc8ac7613f5c3e90e09aae7a7cd66cba9752a3325f
b39c6e444a38b840877af6f782c78b9514daf617276b9473f2be596f8c577b1a
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208
b4e1b99e3fd7142a36b53c09e8a4ef10d4cb1d3ddab917fc3f8cd4766ad43fb7
b54e80a2760bde6237fd579eab294deec23c2b29f14c4d224a59d8bd76596d39
b96800b65eba54fa61d67a58fb22cb4e3f3043158e0548667990d027e85a9454
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
bb5493ffd3549ac93fabae9d11597e190e8ccac1bf5e068cc5fdbc9243acef19
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf3d98650fe1b3740399f2c5a269c4c2e7182f749a834fa64f05dd2b2afe766f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c46b0f3202b6ed3de261c7db6330ada35ebe706b9aa54266fbb843a727bbd0b2
c7a0d10e4575ed55e94aee103ae3871c3c55660136cd299a2da6290dd5d30df0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cae5d11c6e8d98a6c941ae3d65fa87efba11f9f61d517f01766729a549177bcb
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
cdd4b204ea90fde8ddc1180f81080b3170f039b8575f0a1d7b53966c9aa5c1da
cde90dddfcc5ac63a77f89801cc5acf872367a7afcc13653b2e2512943929212
ce0038c0e7d4549ac52e0d4cf8ed89cd620eb684e86bd71b6f3f631f6b6d9aff
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
ce8b9718d88d74d6f539ebdb4f72470461f941693421e6da6a205b422808523f
cef098e58a6cda0170857623c7f097e28719d4f5c9b87904f0961609b9e681d9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08dd909585b451a026b3d16789e8a1927f218ab366c90e9e88f023a4c3034ee
d3996dbb9b092bb5e8aceede71fc973ca8d18f5d962763ab2156d898b5714a42
d43758438ef98c93692c8b1d233640869cf53c082a490e2e31ce94bcf3a6825d
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
d47ea497ed40ad6af2e33fa01b0ffcaf3a9eb67170b821194ae8380ba61152c1
d5ab9bd0f40c0f4c1fdb48634d6febd51766c895f0b251383d18d2d66a9b6e73
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d703212e12ffcc70403adaae7d72eae71928d44d1b6bf73575b3d455c1a6bb3c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbc084bea11452c6c3b142bfad6435b5c6d6188667ddc19ce62d6e0befb0bd4e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1547ba4ccee113d1b691b63da3b5924ee475f37c9bc51817a2f5936b7107f41
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1430d12f72395c5d480ccb3301528341fd078e00d761eb7a1c3a458d96ce5
e3f8302fbabb94a6b7efb4ad5b7d568acec14fcdd3f6e96602beab3bc6cb2917
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e6533978ddf6d9eadec6481e1f56d8b62d731f809de8ad47ad02b98120811055
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e85de315e0c2fae3e137cded145db08b32c48ce3a96ccffc8f39d8cc9b3734a3
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed3bca384bfd98efd0857d80115eec06ba8aada62fe5c184f8c01ec9508344af
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0381b9eff0a20846c0414a54a3255e094854518ab589f906b2d3bb076e7992c
f07f23b3443818230274c17ee7f1e38065895f94d37218b9f9f6579a443364d8
f0815ddc8168eea11db8d544cdf4f62ec907528101f34925da96b6604a98ce67
f49102fc0bf40b11942b5c3daf0f7c02704b0efb6d69aa196c80b10c8e347eb3
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f654659541fa646fa5be32f988feb749ec6d2a9a0590958eeede894f1c16a675
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f698ed8fe2a56059aafa8acd946d7d02ddb32cb3368c299f4c1b7af3df9c40e4
f76be8aeae1d8dfd158c47335ed63dc38df393e4e4d0d227bb94962cdbabbede
fbbdda8bf807cadb08dcdac88df7b252c90ba4eaf1dc5685c95f92797df58b27

www.kold.com Open in urlscan Pro 2a02:26f0:10e::5435:a1e8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

328 Requests

91 %HTTPS

46 %IPv6

63 Domains

94 Subdomains

75 IPs

10 Countries

5432 kBTransfer

12666 kBSize

52 Cookies

26 Outgoing links

Page URL History

Redirected requests

328 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kold.com Open in urlscan Pro
2a02:26f0:10e::5435:a1e8 Public Scan

Screenshot
Live screenshot

Full Image

328
Requests

91 %
HTTPS

46 %
IPv6

63
Domains

94
Subdomains

75
IPs

10
Countries

5432 kB
Transfer

12666 kB
Size

52
Cookies

328 HTTP transactions
11 data transactions